Hot Downloads

×

Notice

The forum is in read only mode.
Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1
  • 2

TOPIC: SYN question

SYN question 9 years 1 week ago #32911

Hi,

I found out my client web page cannot be load as it shows "Connection Timed Out" error message. I suspected that maybe got SYN attack in that server. After i run the below command:-

[root@server1403 ~]# netstat -n | grep :80 | grep SYN |wc -l
157

My question is:-

When i check, one 1 Ip utilze 1 SYN. Is it really a SYN attack or not?
Or it is high load due to high users at one time, that is why can't open the web page??

Thanks

Syn Attack 9 years 1 week ago #32919

Assuming that you know the three way handshake, is the web server in DMZ - Behind the firewall. Further take a trace on your firewall preferably on both interfaces (Inbound/Outbound) to eliminate the same.

Re: SYN question 9 years 1 week ago #32933

Hi,

I couldn't understand the thing that you mentioned (take a trace on your firewall preferably on both interfaces (Inbound/Outbound) to eliminate the same.)

Do you mean take traceroute or doing netstat??

Re: SYN question 9 years 1 week ago #32940

  • S0lo
  • S0lo's Avatar
  • Offline
  • Moderator
  • Moderator
  • Posts: 1577
  • Karma: 3
  • Thank you received: 7
kogula14, May be you've done this already but just in case,

Try this at the command prompt of the server:

netstat -n -p TCP

If you see a big list of connections with state: SYN_RECEIVED. Then this could indicate SYN attack.
Studying CCNP...

Ammar Muqaddas
Forum Moderator
www.firewall.cx

Re: SYN question 9 years 1 week ago #32943

Hi all!

kogula14 i tried your command on windows vista cmd, mine got alot of 'ESTABLISHED' word in the status and one 'CLOSE_WAIT' and a 'SYN_SENT' what does all of these mean?

Thank you!

Re: SYN question 8 years 11 months ago #33301

Hi,

Thanks for every1 help me...

support.microsoft.com/kb/137984
  • Page:
  • 1
  • 2
Time to create page: 0.148 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup