Which of the following is correct as part of a DDoS attack (shown in class)?
a. sysctrl -w net.ipv4.tcp_syncookies=0
b. syscopy -w net.ipv4.tcp_syncookies=0
c. syscmd -w net.ipv4.tcp_syncookies=0
d. sysctl -w net.ipv4.tcp_syncookies=0
Both a and d are part of a DDoS attack, since syncookies=0 shows that the detection mechanism of a system to detect any potential SYN flood was not activated. In case a SYN flood attack is detected, it is activated by setting the SYN cookies to 1, allowing the defense of the system to take charge while continuing to service valid requests.