Current-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: DoS attack against TCP services

On Mon, 19 Jan 2015, Michael van Elst wrote:

Date: Mon, 19 Jan 2015 09:24:02 +0000 (UTC)
From: Michael van Elst <>
Newsgroups: lists.netbsd.current-users
Subject: Re: DoS attack against TCP services writes:

Unfortunately, all TCP connections are now in the TIME_WAIT state.

bash-4.3 # netstat -a -n | grep TIME_WAIT | wc -l

Is there a way to remove it without rebooting the server?


It works. But why doesn't drop the kernel it automatically?

TCP connections in TIME_WAIT will expire after some time, usually between
10 and 60 seconds after a connection is closed. The timeout depends on
the distance of the remote machine.

Yes, but in my case the connections are not expired after over one hour.


Home | Main Index | Thread Index | Old Index