How to optimize Linux/Centos server against a SYN-Flood attack - DDOS

HostStud

Administrator
Staff member
#1
Edit file /etc/sysctl.conf and add

# Enable TCP SYN cookie protection
net.ipv4.tcp_syncookies = 1
# Decrease the time default value for tcp_fin_timeout connection
net.ipv4.tcp_fin_timeout = 3
# Turn off the tcp_window_scaling
net.ipv4.tcp_window_scaling = 0
# Turn off the tcp_sack
net.ipv4.tcp_sack = 0

And then run :

# sysctl -p
 
Top