Blocking SYN-ATTACKS using SYSCTL on Linux

Sysctl is an interface built into Linux that allows you to modify kernel attributes at runtime. In this example I am using sysctl to enable SYN cookies, an effective mitigation against SYN attacks.

 


On your Linux system, the sysctl configuration file is located at /etc/sysctl.conf.

To enable SYN cookies, add the following to the sysctl.conf file:

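# Block SYN attacks
# Send SYN cookies when a socket's SYN backlog queue overflows
net.ipv4.tcp_syncookies = 1
# Maximum number of remembered connection requests not yet acknowledged by the client
net.ipv4.tcp_max_syn_backlog = 2048
# Number of SYN-ACK retransmits for an incoming (passive) connection attempt
net.ipv4.tcp_synack_retries = 2
# Number of SYN retransmits for an outgoing (active) connection attempt
net.ipv4.tcp_syn_retries = 5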

 

Afterwards, run the sysctl -p command to load the new entries into the kernel. This will take effect right away, so it's best to monitor your server for any issues with access. To disable, you can remove the entries from the file and run sysctl -p again, which will remove the entries.
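To confirm what the kernel is actually using after running sysctl -p, whether you have just added the entries or removed them, you can compare the file against the live values under /proc/sys. The script below is an added example, not part of the original guide; the names check_sysctl, norm and demo are hypothetical, and the demo data is constructed.

```shell
# check_sysctl CONF [ROOT] (hypothetical helper): compare each "key = value"
# line in CONF with the live value under ROOT (default /proc/sys).
# Returns 0 if everything matches, 1 on any drift or missing key.
norm() { sed 's/[[:space:]][[:space:]]*/ /g; s/^ //; s/ $//'; }
check_sysctl() {
    conf=$1
    root=${2:-/proc/sys}
    drift=0
    while IFS= read -r line || [ -n "$line" ]; do
        line=$(printf '%s\n' "$line" | norm)
        case $line in
            ''|'#'*|';'*) continue ;;   # blank line or comment
            *=*) ;;                     # key = value, handled below
            *) continue ;;
        esac
        key=$(printf '%s\n' "${line%%=*}" | norm)
        want=$(printf '%s\n' "${line#*=}" | norm)
        # net.ipv4.tcp_syncookies -> ROOT/net/ipv4/tcp_syncookies
        path=$root/$(printf '%s' "$key" | tr . /)
        if [ ! -r "$path" ]; then
            echo "MISSING $key"; drift=1; continue
        fi
        live=$(norm < "$path")
        if [ "$live" = "$want" ]; then
            echo "OK $key = $live"
        else
            echo "DRIFT $key: file=$want live=$live"
            drift=1
        fi
    done < "$conf"
    return "$drift"
}
# Constructed demo: the guide's four settings checked against a fake /proc/sys
# tree in which tcp_synack_retries holds 5 instead of the configured 2.
demo() {
    d=$(mktemp -d)
    mkdir -p "$d/sys/net/ipv4"
    printf '%s\n' '# Block SYN attacks' 'net.ipv4.tcp_syncookies = 1' \
        'net.ipv4.tcp_max_syn_backlog = 2048' 'net.ipv4.tcp_synack_retries = 2' \
        'net.ipv4.tcp_syn_retries = 5' > "$d/sysctl.conf"
    for kv in tcp_syncookies=1 tcp_max_syn_backlog=2048 \
              tcp_synack_retries=5 tcp_syn_retries=5; do
        echo "${kv#*=}" > "$d/sys/net/ipv4/${kv%%=*}"
    done
    check_sysctl "$d/sysctl.conf" "$d/sys"; rc=$?
    rm -rf "$d"; return "$rc"
}
if [ "$#" -gt 0 ]; then check_sysctl "$@"; else demo || true; fi
```

Saved under a file name of your choice and run with /etc/sysctl.conf as its argument, it checks the real system and exits non-zero when any configured value differs from the live one.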

 

I hope this guide helps. If it did, leave a comment!
