SYN flooding on port 1194

Forums

Add a reply View Replies (3) →

Offline

SYN flooding on port 1194

Resolved

0 votes

Hi!
I have a problem in the journal possible SYN flooding on port 1194. What should I do, as I understand it, they are trying to hack me?

In OpenVPN

Sunday, February 02 2020, 07:56 PM

Share this post:

Responses (3)

Accepted Answer

maxwell

Offline
Saturday, February 08 2020, 05:58 PM - #Permalink
Resolved

0 votes

Thx! All works. Very nice.
The reply is currently minimized Show
Accepted Answer
Nick Howitt

Offline
Sunday, February 02 2020, 09:26 PM - #Permalink
Resolved

0 votes

And here is a much bigger rule set with tweaks. If I were applying them, I would test at the command line then add to /etc/clearos/firewall/local, again using $IPTABLES rather than iptables.
The reply is currently minimized Show
Accepted Answer
Nick Howitt

Offline
Sunday, February 02 2020, 09:19 PM - #Permalink
Resolved

0 votes

Google is your friend here. You want some rate limiting. There seems to be a good one liner here, but I would use -I instead of -A. Also, for a custom firewall rule use $IPTABLES and not "iptables". Use "iptables" at the command line. Check the rule does not return any errors at the command line first.
The reply is currently minimized Show

Your Reply

Please login to post a reply

You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.

Register Here »

You are here:

Community Forums

Intrusion Detection and Prevention

Intrusion Prevention never shows blocked IPs

Sitemap

Foundation

Company

Partners

Purchase

Contact Us

Copyright © 2009- ClearFoundation Ltd.