{"id":421,"date":"2021-12-27T23:37:04","date_gmt":"2021-12-27T22:37:04","guid":{"rendered":"http:\/\/linuxboxen2.dk\/?p=421"},"modified":"2021-12-27T23:37:04","modified_gmt":"2021-12-27T22:37:04","slug":"ip-syn-flood","status":"publish","type":"post","link":"https:\/\/www.linuxboxen.dk\/?p=421","title":{"rendered":"IP Syn-flood."},"content":{"rendered":"<p>IP Syn-flood. I dette angreb system er oversv\u00f8mmelse en serie af SYN-pakker. Hver pakker for\u00e5rsager systemet til at udstede en SYN-ACK svar. S\u00e5 systemet venter p\u00e5 ACK, der f\u00f8lger SYN + ACK (3 vejs handshake). Da angreb sender aldrig tilbage ACK igen hele systemressourcer f\u00e5 fulled aka eftersl\u00e6b k\u00f8. N\u00e5r k\u00f8en er fuld system ignoreret indkommende anmodning fra legitime brugere for tjenesteydelser (http \/ mail osv). Derfor er det n\u00f8dvendigt at stoppe dette angreb med iptables. Force SYN packets check Check nye indg\u00e5ende TCP-forbindelser er SYN pakker ellers droppe dem.<\/p>\n<p><code>$ iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP<\/code><\/p>\n<div class=\"pvc_clear\"><\/div>\n<p id=\"pvc_stats_421\" class=\"pvc_stats all  \" data-element-id=\"421\" style=\"\"><i class=\"pvc-stats-icon medium\" aria-hidden=\"true\"><svg aria-hidden=\"true\" focusable=\"false\" data-prefix=\"far\" data-icon=\"chart-bar\" role=\"img\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" viewBox=\"0 0 512 512\" class=\"svg-inline--fa fa-chart-bar fa-w-16 fa-2x\"><path fill=\"currentColor\" d=\"M396.8 352h22.4c6.4 0 12.8-6.4 12.8-12.8V108.8c0-6.4-6.4-12.8-12.8-12.8h-22.4c-6.4 0-12.8 6.4-12.8 12.8v230.4c0 6.4 6.4 12.8 12.8 12.8zm-192 0h22.4c6.4 0 12.8-6.4 12.8-12.8V140.8c0-6.4-6.4-12.8-12.8-12.8h-22.4c-6.4 0-12.8 6.4-12.8 12.8v198.4c0 6.4 6.4 12.8 12.8 12.8zm96 0h22.4c6.4 0 12.8-6.4 12.8-12.8V204.8c0-6.4-6.4-12.8-12.8-12.8h-22.4c-6.4 0-12.8 6.4-12.8 12.8v134.4c0 6.4 6.4 12.8 12.8 12.8zM496 400H48V80c0-8.84-7.16-16-16-16H16C7.16 64 0 71.16 0 80v336c0 17.67 14.33 32 32 32h464c8.84 0 16-7.16 16-16v-16c0-8.84-7.16-16-16-16zm-387.2-48h22.4c6.4 0 12.8-6.4 12.8-12.8v-70.4c0-6.4-6.4-12.8-12.8-12.8h-22.4c-6.4 0-12.8 6.4-12.8 12.8v70.4c0 6.4 6.4 12.8 12.8 12.8z\" class=\"\"><\/path><\/svg><\/i> <img loading=\"lazy\" decoding=\"async\" width=\"16\" height=\"16\" alt=\"Loading\" src=\"https:\/\/www.linuxboxen.dk\/wp-content\/plugins\/page-views-count\/ajax-loader-2x.gif\" border=0 \/><\/p>\n<div class=\"pvc_clear\"><\/div>\n","protected":false},"excerpt":{"rendered":"<p>IP Syn-flood. I dette angreb system er oversv\u00f8mmelse en serie af SYN-pakker. Hver pakker for\u00e5rsager systemet til at udstede en SYN-ACK svar. S\u00e5 systemet venter p\u00e5 ACK, der f\u00f8lger SYN + ACK (3 vejs handshake). Da angreb sender aldrig tilbage ACK igen hele systemressourcer f\u00e5 fulled aka eftersl\u00e6b k\u00f8. N\u00e5r k\u00f8en er fuld system ignoreret [&hellip;]<\/p>\n<div class=\"pvc_clear\"><\/div>\n<p id=\"pvc_stats_421\" class=\"pvc_stats all  \" data-element-id=\"421\" style=\"\"><i class=\"pvc-stats-icon medium\" aria-hidden=\"true\"><svg aria-hidden=\"true\" focusable=\"false\" data-prefix=\"far\" data-icon=\"chart-bar\" role=\"img\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" viewBox=\"0 0 512 512\" class=\"svg-inline--fa fa-chart-bar fa-w-16 fa-2x\"><path fill=\"currentColor\" d=\"M396.8 352h22.4c6.4 0 12.8-6.4 12.8-12.8V108.8c0-6.4-6.4-12.8-12.8-12.8h-22.4c-6.4 0-12.8 6.4-12.8 12.8v230.4c0 6.4 6.4 12.8 12.8 12.8zm-192 0h22.4c6.4 0 12.8-6.4 12.8-12.8V140.8c0-6.4-6.4-12.8-12.8-12.8h-22.4c-6.4 0-12.8 6.4-12.8 12.8v198.4c0 6.4 6.4 12.8 12.8 12.8zm96 0h22.4c6.4 0 12.8-6.4 12.8-12.8V204.8c0-6.4-6.4-12.8-12.8-12.8h-22.4c-6.4 0-12.8 6.4-12.8 12.8v134.4c0 6.4 6.4 12.8 12.8 12.8zM496 400H48V80c0-8.84-7.16-16-16-16H16C7.16 64 0 71.16 0 80v336c0 17.67 14.33 32 32 32h464c8.84 0 16-7.16 16-16v-16c0-8.84-7.16-16-16-16zm-387.2-48h22.4c6.4 0 12.8-6.4 12.8-12.8v-70.4c0-6.4-6.4-12.8-12.8-12.8h-22.4c-6.4 0-12.8 6.4-12.8 12.8v70.4c0 6.4 6.4 12.8 12.8 12.8z\" class=\"\"><\/path><\/svg><\/i> <img loading=\"lazy\" decoding=\"async\" width=\"16\" height=\"16\" alt=\"Loading\" src=\"https:\/\/www.linuxboxen.dk\/wp-content\/plugins\/page-views-count\/ajax-loader-2x.gif\" border=0 \/><\/p>\n<div class=\"pvc_clear\"><\/div>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_sitemap_exclude":false,"_sitemap_priority":"","_sitemap_frequency":"","footnotes":""},"categories":[2],"tags":[],"class_list":["post-421","post","type-post","status-publish","format-standard","hentry","category-tips"],"a3_pvc":{"activated":true,"total_views":14,"today_views":0},"_links":{"self":[{"href":"https:\/\/www.linuxboxen.dk\/index.php?rest_route=\/wp\/v2\/posts\/421","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.linuxboxen.dk\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.linuxboxen.dk\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.linuxboxen.dk\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.linuxboxen.dk\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=421"}],"version-history":[{"count":0,"href":"https:\/\/www.linuxboxen.dk\/index.php?rest_route=\/wp\/v2\/posts\/421\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.linuxboxen.dk\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=421"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.linuxboxen.dk\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=421"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.linuxboxen.dk\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=421"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}