The first setting enables TCP SYN cookies.
第一个设置启用TCP SYNcookie。
TCP SYN Scanning is also known as half open scanning.
TCP SYN扫描也称为半开扫描。
Description: TCP SYN scanning is a variant of port scanning.
描述:TCP SYN扫描是端口扫描的变体。
Attacker sends a TCP SYN packet to the target port from his own IP address (or one he controls) to request a connection.
攻击者从自己的的IP地址(或者他控制的)发送一个TCP SYN攻击或者自己包到目标端口请求连接。
The problem that can occur with TCP is when a rogue client forges an IP packet with a bogus source address, then floods a server with TCP SYN packets.
当恶意客户机使用虚假的源地址来伪造一个IP报文时,TCP就会出现问题了,这会大量 TCP SYN报文攻击服务器。
When a new TCP connection comes in from a client by means of a packet with the SYN bit set, the server creates an entry for the half-open connection and responds with a SYN-ACK packet.
当从客户机发来新的TCP连接时,数据包设置了SY n位,服务器就为这个半开的连接创建一个条目,并用一个SYN -ACK数据包进行响应。
To accomplish this, the attacker sends a TCP packet with the SYN flag set to the target host, just like when opening a regular TCP connection.
要实现这一点,攻击者向目标主机发送设置了SYN标志的tcp包,就象打开常规tCP连接时一样。
This means a TCP packet with the SYN flag set is sent to the server.
这意味着向服务器发送一个设置了SYN标志的tcp包。
As discussed above, when Host a wants to establish a TCP connection to destination Host d, it sends a TCP segment with the SYN flag set first.
如上所述,当主机A想建立到目的地主机d的TCP连接时,它首先发送设置了SYN标志的tcp段。
You can specify which incoming TCP packets to scan and discard those that don't match the flags ack, FIN, PSH, RST, SYN, or URG.
可以指定应该扫描哪些到达的TCP数据包,丢弃不与ack、FIN、P SH、RST、syn或urg标志匹配的数据包。
Traditional flood attack (SYN flood) makes use of the leak of TCP protocol's three times handshake.
传统的洪水攻击(SYN洪水攻击)是用TCP协议三次握手的漏洞来实现的。
Traditional flood attack (SYN flood) makes use of the leak of TCP protocol's three times handshake.
传统的洪水攻击(SYN洪水攻击)是用TCP协议三次握手的漏洞来实现的。
应用推荐