- Posted on
September 5, 2006, 3:34 pm
I'm kind of new to the security business, and I need a bit of help.
A) I'm trying to find out if Linux 2.6 is protected against these
Denial of Service attacks:
1. TCP SYN attack (SYN FLOOD)
2. LAND AND LATIERRA ATTACKS
3. MAL FRAGMENTED PACKETS, TEARDROP, OVERLAP
I've heard that 2.6 should be protected against those, but I can't
seem to find any official notes about it.
B) Where can I find a tool for testing these?
Re: Is Linux kernel 2.6 protected against these DoS attacks?
The reason you can't find notes about it is because it's not really
up to the kernel itself. I compile custom kernels on all my systems,
which use only the things I need, and, depending on the option, I
compile it as a module if it's unnecessary, maximizing uptime as well
as keeping out any unnecessary items that may or may not be exploited.
In your kernel configuration for 2.6, you've got all sorts of options
under the IP Filter section. I usually select the ones I use on a
normal basis, and load them as modules. Then, as you configure your
firewall (I do it by hand), make sure you use the modules you've
compiled into the kernel, and add the rules that will be best to defend
against those attacks (think packet STATE filtering for the most part
with DoS attacks...)
I use a variety of tools for pen testing, including my own suite I
developed with python, wxpython, and the python twisted libraries.
Some that you should take a look at are nmap (port scanning), ettercap
(packet filtering), ethereal (packet filtering), metasploit
(application pentesting), nc (the swiss army knife)...
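
As an added illustration (not part of either post in this thread), the Python sketch below shows what sets the three attack classes named in the question apart at the packet level, which is what a filtering rule has to match on. The packet records, field names and the threshold are constructed for the example, and the SYN count assumes the batch represents one short time window.

```python
from collections import defaultdict

# Constructed records, not captured traffic. "off"/"len" are a fragment's
# byte offset and payload length; flags "S" means a bare SYN.
PACKETS = [
    {"src": "192.0.2.10", "sport": 40000, "dst": "198.51.100.5", "dport": 80, "flags": "S"},
    {"src": "198.51.100.5", "sport": 80, "dst": "198.51.100.5", "dport": 80, "flags": "S"},
    {"src": "192.0.2.20", "dst": "198.51.100.5", "ipid": 7, "off": 0, "len": 36},
    {"src": "192.0.2.20", "dst": "198.51.100.5", "ipid": 7, "off": 24, "len": 4},
    {"src": "192.0.2.30", "dst": "198.51.100.5", "ipid": 9, "off": 0, "len": 24},
    {"src": "192.0.2.30", "dst": "198.51.100.5", "ipid": 9, "off": 24, "len": 24},
]
# Constructed burst: 40 bare SYNs from distinct sources to one service.
BURST = [{"src": f"203.0.113.{i}", "sport": 1024 + i, "dst": "198.51.100.5",
          "dport": 443, "flags": "S"} for i in range(1, 41)]

def is_land(p):
    """LAND: a SYN whose source address and port equal its destination."""
    return (p.get("flags") == "S" and p["src"] == p["dst"]
            and p["sport"] == p["dport"])

def overlapping_fragments(packets):
    """Datagrams (src, dst, IP id) whose fragments overlap, as in teardrop."""
    spans = defaultdict(list)
    for p in packets:
        if "ipid" in p:
            spans[(p["src"], p["dst"], p["ipid"])].append((p["off"], p["off"] + p["len"]))
    bad = []
    for key, parts in spans.items():
        end = 0  # furthest byte covered by the fragments seen so far
        for start, stop in sorted(parts):
            if start < end:  # starts inside data already covered
                bad.append(key)
                break
            end = max(end, stop)
    return bad

def syn_flood_suspects(packets, threshold):
    """Services that got at least `threshold` bare SYNs in this batch."""
    counts = defaultdict(int)
    for p in packets:
        if p.get("flags") == "S" and not is_land(p):
            counts[(p["dst"], p["dport"])] += 1
    return [svc for svc, n in counts.items() if n >= threshold]

if __name__ == "__main__":
    print([p for p in PACKETS if is_land(p)])
    print(overlapping_fragments(PACKETS))
    print(syn_flood_suspects(PACKETS + BURST, threshold=20))
```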