Re: TCP SYN Cookie Protection parameter

tcp sequence numbers co · ‎11-17-2009

I'm trying to protect against a "SYN Attack" and would like to no what prarameter setting I need to make and in what file (/etc/rc.config.d/nddconf)?

Steven E. Protter · ‎11-17-2009

Shalom,

Your best bet is to filter the traffic through a real firewall prior to letting it go to your HP-UX system.

ipfilter firewall can also be useful in these circumstances.

SEP

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com

tcp sequence numbers co · ‎11-17-2009

Shalom,
The information that you provided was not useful. I'm looking for the parameter setting within the nddconf file.

BUPA IS · ‎11-19-2009

Hello,
The value you need to tune is
tcp_syn_rcvd_max

You can see the current value setting with

ndd -get /dev/tcp tcp_syn_rcvd_max
also see man ndd and run the command:

ndd -h supported

which displays the list of supported parameters you can edit .
The supplied values work in nearly all cases
I would recommend that you only adjust them if you need to fix a very specific problem.

Mike

Help is out there always!!!!!

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: TCP SYN Cookie Protection parameter

TCP SYN Cookie Protection parameter