05-07-2009 05:11 AM - edited 03-04-2019 04:40 AM
hi,
I receive the next message in unix, my webserver, What the meaning?
What i can do?
"warning: high tcp connect timeout rate! system (port 443) may be under a syn flood attack"
05-07-2009 05:28 AM
Hello Pedro,
if you have an edge router you can use TCP intercept feature to defend your server.
see
Hope to help
Giuseppe
05-07-2009 05:43 AM
Thanks by your answer,
I don't have router edge.
I have the next connection
pix---sw---webserver
!
!
internet
05-07-2009 05:52 AM
Internet connect with sw
05-07-2009 10:20 AM
Hello Pedro,
if the pix is not on the path to/from internet you cannot do anything.
You should have the webserver on an DMZ (third leg/interface) of pix.
doing so you could protect the server.
By the way, the message says:
"warning: high tcp connect timeout rate! system (port 443) may be under a syn flood attack"
port 443 that is
Protocol / Name: https
If you don't need https you can close the service on the web server.
if you are using https this cannot be done.
I would suggest you to review the DMZ and to have it protected by the pix that can provide features similar to TCP intercept.
Hope to help
Giuseppe
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide