Re: DoS attack against TCP services

To: Michael van Elst <mlelstv%serpens.de@localhost>
Subject: Re: DoS attack against TCP services
From: 6bone%6bone.informatik.uni-leipzig.de@localhost
Date: Mon, 19 Jan 2015 12:15:23 +0100 (CET)

On Mon, 19 Jan 2015, Michael van Elst wrote:

Date: Mon, 19 Jan 2015 09:24:02 +0000 (UTC)
From: Michael van Elst <mlelstv%serpens.de@localhost>
To: current-users%netbsd.org@localhost
Newsgroups: lists.netbsd.current-users
Subject: Re: DoS attack against TCP services

6bone%6bone.informatik.uni-leipzig.de@localhost writes:

Unfortunately, all TCP connections are now in the TIME_WAIT state.

bash-4.3 # netstat -a -n | grep TIME_WAIT | wc -l
     34611

Is there a way to remove it without rebooting the server?


tcpdrop(8)?

It works. But why doesn't drop the kernel it automatically?



TCP connections in TIME_WAIT will expire after some time, usually between
10 and 60 seconds after a connection is closed. The timeout depends on
the distance of the remote machine.


Yes, but in my case the connections are not expired after over one hour.


Uwe

References:
- DoS attack against TCP services
  - From: 6bone
- Re: DoS attack against TCP services
  - From: Mindaugas Rasiukevicius
- Re: DoS attack against TCP services
  - From: 6bone
- Re: DoS attack against TCP services
  - From: Michael van Elst

Prev by Date: Re: DoS attack against TCP services
Next by Date: Re: DoS attack against TCP services
Previous by Thread: Re: DoS attack against TCP services
Next by Thread: Re: DoS attack against TCP services
Indexes:

Home | Main Index | Thread Index | Old Index