top button
Flag Notify
    Connect to us
      Site Registration

Site Registration

apache: How to verify syn recv attack in our server??

+1 vote
507 views

We have 2 servers.
Server1 has a apache.
Server2 has a tomcat.

Now we see there are many syn recv connection via "netstat -ant". These kinds of connection are running out the CPU.

We googled it and found it looks like of syn recv attack.

So I just want to know:
1. How to verify it DOES is a syn recv attack?
2. Is there any way to fight against these kind of connections? Can I do some configuration at Apache?
3. Because our server1 is deployed at a cloud center. I guess these cloud center should also be attack?

posted Jul 27, 2015 by anonymous

Looking for an answer?  Promote on:
Facebook Share Button Twitter Share Button LinkedIn Share Button

Similar Questions
0 votes

I am newbie in Apache concepts and only know Apache Tomcat. Following is my requirement, would anybody please help me how to setup.

I have a clustered JBOSS EAP 6.3 instances running on two different Windows 8 machines. Now I am planning to put a load balancer to dispatch the requests to these JBOSS clustered servers.

I am thinking of Apache httpds as a load balancer. What I got to know is these Apache web server will be available in source code and source code needs to be compiled as per the environment.

I am not finding any Windows 8 (64bit) Apache http installed in the Apache site. Would someone help me from where to download the Windows 8 (64bit) version of Apache httpd service.

And also any guide to setup the load balancer on Windows machine.

+1 vote

I am working on a Ubuntu 10.04 server, on which I installed PHP 5.3, Apache 2 2.2.9. I followed the below steps to do the installation :

  1. I installed apache2 using SUDO APT-GET INSTALL APACHE2

  2. I also installed libapache2 and php using the below commands
    sudo apt-get install php5 libapache2-mod-php5
    sudo apt-get install php5-core

  3. I did redirection to port by configuring the DEFAULT file in /ETC/APACHE2/SITES-AVAILABLE. Redirection happened successfully.

  4. PHP5-curl was installed using
    SUDO APT-GET INSTALL PHP5-CURL

  5. Rewrite mod was enabled in apache2 using
    SUDO A2ENMOD REWRITE and apache2 was restarted.

Now, after following this if I try to access the URL, I get the following message -

 THE REQUESTED URL /.../..../ WAS NOT FOUND ON THIS SERVER.  

But, the same URL is accessed from another system with the same configuration , it works fine.

+2 votes

I have 2 linux machine. I have compiled apache 2.4.6 on one of the linux machine with following commands:

./configure --prefix=/usr/apache--with-ssl=/usr/local/ssl --enable-ssl --enable-modules="all" --enable-mods-shared="most" 
make
make install

This has installed apache on this machine and it works fine. However when i copy this apache (where it got installed) folder on other linux machine. I am getting following error while starting httpd with following commad:

httpd -k start

error:
/httpd: symbol lookup error: /usr/papache/lib/libapr-1.so.0: undefined symbol: dlopen

Can you please help me to understand what is going wrong.

0 votes

I have the following modules installed on my linux computer:

openldap-2.2.13-12.el4_8.2 
nss_ldap-253-7.el4 

According to the documentation Apache can work with more than one LDAP module:
https://httpd.apache.org/docs/current/mod/mod_authnz_ldap.html [1]

How can I ensure Apache HTTPD server works with OpenLDap installed on my computer? Where I configure it?

+5 votes

WE are trying to setup HTTPS tunnelling to a backend server through Apache proxy but we are finding the client connect but Apache does not send through the traffic the backend server.

Config we have on our Apache proxy virtual host is

DocumentRoot "/usr/local/apache/htdocs/ibcm/" 
ServerName test.testdom.local 
ErrorLog logs/ibcm 
ServerAdmin webmaster@testdom.local 
ProxyRequests On 
AllowConnect 443 
SSLEngine on 
SSLHonorCipherOrder On 
SSLProtocol -ALL SSLv3 TLSv1 
SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4RSA:HIGH:MEDIUM 
SSLCertificateFile "/etc/ssl/crt/ibcm.crt" 
SSLCertificateKeyFile "/etc/ssl/crt/testdom.key" 
SSLCertificateChainFile "/etc/ssl/crt/CA-DOM.crt" 
 Order deny,allow 
 Deny from all 
 Order deny,allow 
 Allow from all 

Anybody know what we are not doing correctly. Also we found Apache would not start without us putting in the root certificate. Thought it would not need any certificate for tunnelling so wonder if we have missed something.

...