[pve-devel] DANGEROUS: SYN FLOOD - PVE FIREWALL AND HOST FREEZE
Alexandre DERUMIER
aderumier at odiso.com
Thu Jun 4 12:57:59 CEST 2015
They are a new iptables feature in last kernels, called SYNPROXY.
I never had time to implement it
http://rhelblog.redhat.com/2014/04/11/mitigate-tcp-syn-flood-attacks-with-red-hat-enterprise-linux-7-beta/#more-273
but patches are welcome ;) !
----- Mail original -----
De: "dietmar" <dietmar at proxmox.com>
À: "Detlef Bracker" <bracker at 1awww.com>
Cc: "pve-devel" <pve-devel at pve.proxmox.com>
Envoyé: Jeudi 4 Juin 2015 11:21:19
Objet: Re: [pve-devel] DANGEROUS: SYN FLOOD - PVE FIREWALL AND HOST FREEZE
> and in combination of 4 products with big names and "Security Offering"
> the host freeze under garanty!
> Everybody can have this!
>
> PVE-Firewall has block yesterday in this time of the attack complete ALL
> traffic again, so that nothing was going on the host!
The pve firewall is just a packet filter, but Alexandre added support to
plug in complete IDS systems, like:
http://suricata-ids.org/
https://pve.proxmox.com/wiki/Proxmox_VE_Firewall
I guess that would help in such situations.
_______________________________________________
pve-devel mailing list
pve-devel at pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
More information about the pve-devel
mailing list