PROTECTING FROM
DoS/
DDoS
ATTACKS
Home |
Objectives |
Forum |
Security Links |
Tutorials |
People
- Sources & Tools
- Sysctl.sh
Using the sysctl support in linux to enhance a system security against outside attacks. Includes a script to optimize these settings by echoing values to /proc/sys/net/ipv4/*, turning on kernel security features which lessen the effect of SYN floods, smurf attacks, and turn on source validation by reversed path to add more protection against spoofed packets. Tested on linux 2.2.x.
- Stealth IP Stack: Linux Kernel 2.2.16-17 | 2.2.17-18 Patches
Stealth IP Stack is a kernel patch for Linux 2.2.17 which makes your machine almost invisable on the network without impeding normal network operation. Many denial of service attacks, such as stream, are much less effective with this patch installed, and port scanners slow to a crawl. It works by restricting TCP RST packets (no "Connection Refused"), restricting ICMP_UNREACH on udp (Prevents UDP portscans), restricting all ICMP and IGMP requests. A sysctl interface is used so these features can be turned on ande off on the fly. For more information, here.
Copyright(c) 2001
HackerProof. All rights reserved.
Last Update: