Results 1 to 3 of 3
  1. #1
    Join Date
    Jan 2005

    Are there any scripts to block syn flood ips ?

    Hi every one

    I'm looking a php or cgi script which would detect when an IP sends
    too many syn requests and then dynamically block it for a period of time. thanks alot.

    p/s: i got APF and mod_dosevasive installed.
    Last edited by AndyJ; 07-21-2005 at 12:41 PM.

  2. #2
    Join Date
    May 2005
    Bohemia, NY
    You appear to have a fundamental misunderstanding of the difference between the TCP/IP transport layer and the application layer. SYN flood attacks are not HTTP traffic and do not get passed to Apache. You're most likely confusing a TCP SYN flood with some other form of attack.

    Assuming you are in fact correct in your assertion, you should contact your ISP, as they probably have a way to do this at the router level, or they should at the very least provide some primitive sort of firewalling to their customers. If not, we'll need to know what operating system you're running in order to develop any kind of workable solution for you.

    Most routers will block these types of attacks automatically, without user intervention. What makes you believe you're the victim of a SYN attack? Technical Support

  3. #3
    Join Date
    Jan 2005
    yes, i am a victiom of a syn attack.

    you're right, i was misunderstood, thanks for explaination

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts