5.27. Enable TCP SYN Cookie Protection

A SYN Attack is a denial of service DoS attack that consumes all the resources on your machine, forcing you to reboot. Denial of service attacks -attacks which incapacitate a server due to high traffic volume or ones that tie-up system resources enough that the server cannot respond to a legitimate connection request from a remote system) are easily achievable from internal resources or external connections via extranets and Internet. To enable it, you have to do:

Version 6.1.only


            [root@deep] /# echo 1 > /proc/sys/net/ipv4/tcp_syncookies
            
Add the above commands to the /etc/rc.d/rc.local script file and you'll not have to type it again the next time you reboot your system.

Version 6.2 only

Edit the /etc/sysctl.conf file and add the following line:

            # Enable TCP SYN Cookie Protection
            net.ipv4.tcp_syncookies = 1
            
You must restart your network for the change to take effect. The command to restart the network is the following:

            [root@deep] /# /etc/rc.d/init.d/network restart
            Setting network parameters          [  OK  ]
            Bringing up interface lo            [  OK  ]
            Bringing up interface eth0          [  OK  ]
            Bringing up interface eth1          [  OK  ]
            
If you receive an error message during execution of the above command, check that you have enabled the TCP syncookies option in your kernel configuration: IP: TCP syncookie support not enabled per default CONFIG_SYN_COOKIES Y/n/?.