phranque
msg:4396206 | 1:36 am on Dec 10, 2011 (gmt 0) |
have you tried using the apache benchmarking tool?
ab - Apache HTTP server benchmarking tool:
http://httpd.apache.org/docs/2.2/programs/ab.html [httpd.apache.org]
|
dcool86
msg:4396210 | 1:59 am on Dec 10, 2011 (gmt 0) |
I think I found the problem. In my syslog it keep saying
TCP: Possible SYN flooding on port 80. Sending cookies.
TCP: Possible SYN flooding on port 80. Sending cookies.
TCP: Possible SYN flooding on port 80. Sending cookies.
Feels the whole log up
I tried changing net.ipv4.tcp_syncookies =1 to 0 but it then said
TCP: Possible SYN flooding on port 80. Dropping request.
so I changed it back to 1
My server is a busy server that can handle the load just something is limiting it. I'm not sure what to change to fix that error.
|
jalarie
msg:4400655 | 9:17 pm on Dec 22, 2011 (gmt 0) |
I'm just beginning to learn Apache, so I have nothing specific to say. I saw something similar to this on the grc.com site when they were attacked. You might learn something useful there.
|
lucy24
msg:4400700 | 11:48 pm on Dec 22, 2011 (gmt 0) |
| TCP: Possible SYN flooding on port 80. |
|
sounds sinister but may not mean anything useful at all if I'm correctly interpreting
no warning in any logs at all, except with the usual
web10 kernel: possible SYN flooding on port 80 |
|
from Apache mailing list.
I tried this exact search
"Possible SYN flooding" "port 80" site:.apache.org
That gets you the archived mailing lists. Have fun disentangling the threads; I couldn't figure out how to do it except by brute force. Helps that the question I was trying to follow was posted on 30 September, so all the answers came in on 1 October, putting them in a whole new segment of the archives.
|
dcool86
msg:4400716 | 12:44 am on Dec 23, 2011 (gmt 0) |
@jalarie As I said earlier it's a busy server with real traffic not a attack. Thanks for the reply.
|
|
