You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by javalishixml <ja...@163.com> on 2015/07/27 10:22:25 UTC

[users@httpd] syn recv attack in our server??

Hi gurus,

We have 2 servers.
Server1 has a apache.
Server2 has a tomcat.

Now we see there are many syn recv connection via "netstat -ant".
These kinds of connection are running out the CPU.

We googled it and found it looks like of syn recv attack.

So I just want to know:
1. How to verify it DOES is a syn recv attack?
2. Is there any way to fight against these kind of connections? Can I do some configuration at Apache?
3. Because our server1 is deployed at a cloud center. I guess these cloud center should also be attack?

Appreciate for your quickly help!

Thanks,
LS