Freelancers Network
 
skill list top cap
Homepage
Join the Freelancer's Network
Update your details
Find a freelancer
Post a project
Find a project
Projects Archive
Post a job
Find a job
Jobs Archive
See Dan's Pages
See Andy's Pages
Link to this site
Resources
Join/Leave Forum
Forum Messages
+Additions+ Adverts
Advertising
Contact Us
Subscribe to our newsletter - enter your email address and hit return
Freelancers.net is owned and operated by Andy Stowell and Dan Winchester
skill list end cap
guru web hostcom

Find me again on Freelancers.net

RE: FN-FORUM: Router Woes

date posted 13th August 2003 16:49

Thanks a lot Paul, very informative, I've learnt something today :)

OK the SYN thing ties up with what you are saying... sorted

The time thing, I have nowhere in my router config to enter a time server, would this be writen in the firmware, so I cant get to
it? or is becaust the router connects to a modem which (is also a router) and then to the net so it cant find its time server?

TIA

Mike


> > **SYN Flood to Host** 192.168.2.102, 2274->> 195.*.*.*, 80
> >
> > The first IP is my client machine, the second I have edited, but I know
> > who they are, there are other entries the same as the 2 nd one above with
> > different port numbers (if thats what 2274 is) a different IP addresses
> >
> > Should I be concerened?
>
> A SYN flood is a type of DoS (Denial of Service) attack.
>
> When you establish a TCP connection a three-way hand shake is performed,
> the originator sends a SYN, the receiver sends a SYN-ACK, and then there
> is another ACK in response to acknowledge the SYN-ACK (if I remember
> correctly).
>
> The attack works by sending lots of SYNs to the remote host without doing
> any ACK, the remote host has to wait a period of time for the ACK before
> giving up and discarding the SYN. So, if you send lots of SYNs you can
> fill out the resource table/buffers of the receiving host until it can't
> accept any more connections. I expect because the connection is never
> completed you can easy forge and randomise the source of the SYNs as well.
>
> I suspect you made a lot of genuine connections, but maybe a high number
> in a short time frame so your router is flagging a high rate of SYNs in
> genuine TCP connections.
>
> > How can I rectify the NTP time thing?
>
> Router probably needs the IP address of an NTP time server that it
> can sync with, see if your ISP provides one, or check out the list at
> www.ntp.org for a stratum 2 time server that is open to people in Europe.
>
> -Paul-
>

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.509 / Virus Database: 306 - Release Date: 12/08/2003

Messages by Day
August 31st 2003
August 30th 2003
August 29th 2003
August 28th 2003
August 27th 2003
August 26th 2003
August 25th 2003
August 24th 2003
August 23rd 2003
August 22nd 2003
August 21st 2003
August 20th 2003
August 19th 2003
August 18th 2003
August 17th 2003
August 16th 2003
August 15th 2003
August 14th 2003
August 13th 2003
August 12th 2003
August 11th 2003
August 10th 2003
August 9th 2003
August 8th 2003
August 7th 2003
August 6th 2003
August 5th 2003
August 4th 2003
August 3rd 2003
August 2nd 2003
August 1st 2003


Messages by Month
December 2003
November 2003
October 2003
September 2003
August 2003
July 2003
June 2003
May 2003
April 2003
March 2003
February 2003
January 2003


Messages by Year
2009
2008
2007
2006
2005
2004
2003
2002
2001
2000