Iptables configuration to prevent TCP SYN flood attack-[VPS]

Support for security such as Firewalls and securing linux
Post Reply
alex363
Posts: 7
Joined: 2014/01/20 10:06:54

Iptables configuration to prevent TCP SYN flood attack-[VPS]

Post by alex363 » 2014/01/30 16:42:42

Dear all,

My VPS is under TCP SYN attack. I'm new to linux firewall. Please help me with the configuration.

Code: Select all

2014.01.29 08:16:18 CET    192.x.x.x:0         115.28.7.191:22         TCP      SYN           208 ATTACK:TCP_SYN       
2014.01.29 08:16:18 CET    192.x.x.x:0         115.28.7.191:22         TCP      SYN           230 ATTACK:TCP_SYN       
2014.01.29 08:16:18 CET    192.x.x.x:0         115.28.7.191:22         TCP      SYN           236 ATTACK:TCP_SYN       
2014.01.29 08:16:18 CET    192.x.x.x:0         115.28.7.191:22         TCP      SYN           242 ATTACK:TCP_SYN       
2014.01.29 08:16:18 CET    192.x.x.x:0         115.28.7.191:22         TCP      SYN           254 ATTACK:TCP_SYN       
2014.01.29 08:16:18 CET    192.x.x.x:0         115.28.7.191:22         TCP      SYN           246 ATTACK:TCP_SYN       
2014.01.29 08:16:18 CET    192.x.x.x:0         115.28.7.191:22         TCP      SYN           252 ATTACK:TCP_SYN       
2014.01.29 08:16:18 CET    192.x.x.x:0         115.28.7.191:22         TCP      SYN           270 ATTACK:TCP_SYN       
2014.01.29 08:16:18 CET    192.x.x.x:0         115.28.7.191:22         TCP      SYN           232 ATTACK:TCP_SYN       
2014.01.29 08:16:18 CET    192.x.x.x:0         115.28.7.191:22         TCP      SYN           278 ATTACK:TCP_SYN       
2014.01.29 08:16:18 CET    192.x.x.x:0         115.28.7.191:22         TCP      SYN           186 ATTACK:TCP_SYN       
2014.01.29 08:16:18 CET    192.x.x.x:0         115.28.7.191:22         TCP      SYN           184 ATTACK:TCP_SYN       
2014.01.29 08:16:18 CET    192.x.x.x:0         115.28.7.191:22         TCP      SYN           198 ATTACK:TCP_SYN       
2014.01.29 08:16:18 CET    192.x.x.x:0         115.28.7.191:22         TCP      SYN           210 ATTACK:TCP_SYN       
2014.01.29 08:16:18 CET    192.x.x.x:0         115.28.7.191:22         TCP      SYN           198 ATTACK:TCP_SYN       
2014.01.29 08:16:18 CET    192.x.x.x:0         115.28.7.191:22         TCP      SYN           228 ATTACK:TCP_SYN       
2014.01.29 08:16:18 CET    192.x.x.x:0         115.28.7.191:22         TCP      SYN           246 ATTACK:TCP_SYN       
2014.01.29 08:16:18 CET    192.x.x.x:0         115.28.7.191:22         TCP      SYN           228 ATTACK:TCP_SYN       
2014.01.29 08:16:18 CET    192.x.x.x:0         115.28.7.191:22         TCP      SYN           186 ATTACK:TCP_SYN       
2014.01.29 08:16:18 CET    192.x.x.x:0         115.28.7.191:22         TCP      SYN           280 ATTACK:TCP_SYN
Top
User avatar
Super Jamie
Posts: 310
Joined: 2014/01/10 23:44:51

Re: Iptables configuration to prevent TCP SYN flood attack-[

Post by Super Jamie » 2014/02/26 12:01:29

Tell your VPS provider so they can block or blackhole the traffic further upstream.

They don't want this traffic in their network, and they don't want your VPS wasting CPU cycles trying to block it with the software firewall.
Top
Post Reply

Return to “CentOS 5 - Security Support”