Enable TCP SYN Cookie Protection in Red Hat Linux 6

A SYN attack is a denial of service (DoS) attack that consumes all the resources on your machine, forcing you to reboot. Denial of service attacks incapacitate a server through high traffic volume, or tie up system resources to the point that the server cannot respond to a legitimate connection request from a remote system. They are easily achievable from internal resources or from external connections via extranets and the Internet.

To enable TCP SYN cookie protection, do the following:

Under Red Hat Linux 6.1

# echo 1 > /proc/sys/net/ipv4/tcp_syncookies

Also add the above command to the /etc/rc.d/rc.local script file so that you do not have to type it again the next time you reboot your system.

Note: You must restart your network for the change to take effect.

Under Red Hat Linux 6.2

Edit the /etc/sysctl.conf file and add the following lines:

# Enable TCP SYN Cookie Protection
net.ipv4.tcp_syncookies = 1

Run sysctl -p to enable the changes. These changes are also persistent across reboots.

You may need to restart all network devices manually on your system for the changes to take effect. If this is the case, use the following command:

# /etc/rc.d/init.d/network restart
Setting network parameters     [ OK ]
Bringing up interface lo       [ OK ]
Bringing up interface eth0     [ OK ]
Bringing up interface eth1     [ OK ]

Note: If you receive an error message during execution of the above command, check that you have enabled the TCP syncookies option in your kernel configuration: IP: TCP syncookie support (not enabled per default) (CONFIG_SYN_COOKIES) [Y/n/?].
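
The checks implied by the steps above, as an added example that is not part of the original page: a shell script that reports whether the running kernel exposes tcp_syncookies, reads the value /etc/sysctl.conf would actually apply (the last uncommented assignment wins, which goes slightly beyond the text), and appends the setting only when needed. The function names and the --apply switch are hypothetical, and a missing /proc entry is assumed to mean the kernel was built without CONFIG_SYN_COOKIES.

```shell
# Added example: audit and persist net.ipv4.tcp_syncookies (hypothetical names).
# File paths are parameters so the functions can be run against copies.
KEY="net.ipv4.tcp_syncookies"

# Runtime state: "unsupported" when the proc entry is absent (assumed here to
# mean a kernel built without CONFIG_SYN_COOKIES), else "enabled"/"disabled".
runtime_state() {
    proc_file="${1:-/proc/sys/net/ipv4/tcp_syncookies}"
    if [ ! -r "$proc_file" ]; then echo "unsupported"; return 0; fi
    case "$(tr -d ' \t\n' < "$proc_file")" in
        0|"") echo "disabled" ;;
        *)    echo "enabled" ;;
    esac
}

# Value sysctl.conf would apply: comments ignored, last assignment of KEY wins.
persisted_value() {
    conf_file="${1:-/etc/sysctl.conf}"
    [ -r "$conf_file" ] || return 0
    awk -v key="$KEY" '
        /^[ \t]*[#;]/ { next }
        {
            n = index($0, "=")
            if (n == 0) next
            k = substr($0, 1, n - 1); v = substr($0, n + 1)
            gsub(/[ \t]/, "", k); gsub(/[ \t]/, "", v)
            if (k == key) last = v
        }
        END { if (last != "") print last }
    ' "$conf_file"
}

# Append the setting unless the effective persisted value is already 1.
persist_syncookies() {
    conf_file="${1:-/etc/sysctl.conf}"
    if [ "$(persisted_value "$conf_file")" = "1" ]; then echo "unchanged"; return 0; fi
    printf '\n# Enable TCP SYN Cookie Protection\n%s = 1\n' "$KEY" >> "$conf_file"
    echo "changed"
}

# Touch the live system only when run as root with --apply.
if [ "${1:-}" = "--apply" ]; then
    state=$(runtime_state)
    if [ "$state" = "unsupported" ]; then
        echo "tcp_syncookies not available; check CONFIG_SYN_COOKIES" >&2; exit 1
    fi
    [ "$state" = "enabled" ] || echo 1 > /proc/sys/net/ipv4/tcp_syncookies
    echo "runtime was $state, sysctl.conf $(persist_syncookies)"
fi
```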