[4560] in linux-net channel archive
ipfwadm doesnt stop SYN flood ?
daemon@ATHENA.MIT.EDU (nexus)
Sat Sep 28 09:32:17 1996
From: nexus <nexus@xs4all.nl>
To: linux-net@vger.rutgers.edu
Date: Fri, 27 Sep 1996 16:07:40 +0200 (MET DST)
Cc: nexus@xs4all.nl (nexus)
A few hours ago I noticed someone was SYN flooding me, (in tcpdump)
so I figured I'd just us ipfwadm 2.0 like:
ipfwadm -I -i deny -S 206.129.202.230 -D peak
to insert a deny for any trasffic from 206.129.202.230 (which was
a spoofed IP number.) to the host peak in my domain.
This works ok in other cases on the same machine where I
firewall services/hosts, but in this case the SYNs kept coming
What could be the problem here ?
kernel 1.3.100, ipfwadm 2.0 connected to a cisco and to a LAN
with 3c509 cards.
Thanks,
Casey
