phreak Posted February 19, 2008 Report Posted February 19, 2008 Packets received imi creste cu 100 de mii la vreo 3 secunde.. in 10 minute am 2 milioane de packets received + ca kaspersky-u zice ceva de-un DoS.Syn si numa stiu cum ...miroase a flood ? sau e de la net ca sa stiu pe cine sa dau vina LE : 2/19/2008 9:07:58 PM DoS.Generic.SYNFlood 89.35.77.28 TCP 139 Quote
rpsetzer Posted February 19, 2008 Report Posted February 19, 2008 Da, e DDOS. Pe linux recompliezi kenrenlul cu SYN cookies. Pe Windows se face din registrii, cauta pe google "windows SYN cookies". Quote
moubik Posted February 20, 2008 Report Posted February 20, 2008 http://www.securityfocus.com/infocus/1729scrie de windows 2000, presupun ca merge si pe XP.The protection can be set by adding a SynAttackProtect DWORD value to the following registry key:HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters[...]The recommended value of SynAttackProtect is 2, which additionally delays the indication of a connection to the Windows Socket until the three-way handshake is completed.rpsetzer, ai folosit vreodata SYN cookies pe un server care este DDOS-ed? Quote
phreak Posted February 20, 2008 Author Report Posted February 20, 2008 deocamdata s-o oprit.. eu am sunat la aia de la net el zicea ca n-are nici o treaba ca imi cresc pachetele primite cu 2000 pe secunda, acuma creste cu vreo 20 ... Quote
moubik Posted February 20, 2008 Report Posted February 20, 2008 in mod normal ISP-ul trebuie sa se autosesizeze cand este ceva de genul DDOS. si sa blocheze ei IP-urile. Quote
rpsetzer Posted February 20, 2008 Report Posted February 20, 2008 Da moubik am folosit, pe Linux. Si merge perfect.In ceea ce priveste autosesizarea ISP-ilor, am innebunit trimitand mailuri si nu am primit decat auto response. Quote
