just saw a message on the Linux console about apache attack SYN flooding as follows:
possible SYN flooding on port 80. Sending cookies
Right after I saw that there was an Linux Kernel update, so I have installed it:
Kernel and CPU Linux 2.6.32-220.23.1.el6.x86_64 on x86_64
Running CentOS 6 Linux…
I also found some suggestions from other forums:
to STOP syn flood on port 80 using apache you must to install mod_qos
Can this be installed from Virtualmin or ? anyone who had the same issue and fixed it ?
PS: we are using PfSense Firewall and only port 80 is opened for Apache…
I’m not sure that I would be too concerned about that unless it turned into an issue of some sort. That is, if you were dealing with downtime, that’s another issue – but it sounds like your server handled the issue.
That is, when dealing with a SYN flood, sending “cookies” is designed to mitigate that issue… which means your system is handling it for you, you don’t need to do anything.
There are a number of Apache modules out there designed for handling various types of DoS attacks – mod_qos and mod_evasive are two of those. But unless you found that your server was being negatively impacted by attacks, I’m not sure that I would recommend adding the additional complexity of a new Apache module.
ok, I understand now, than I will not install external modules as they are not needed in this case…
And yes I think that server handled it just fine because there was no high network usage or cpu usage …
Thank You for quick reply