应对DOS攻击的加固


修改或者增加注册表中的相应内容 XP 2K 2K3,记得先备份。

HKLM\System\CurrentControlSet\Services\Tcpip\Parameters EnableICMPRedirect - 0 - disables attacks that require the host to redirect ICMP based traffic. SynAttackProtect - 1 or 2 -Setting the value to 1 will turn on SYN/ACK protection when the next two keys described are triggered. Setting the value to 2 will protect the host from SYN/ACK attacks by timing out open and half-open connections faster. TCPMaxHalfOpen - 500 - This is the number of half-open connections allowed before SYN flood protection is initiated. TCPMaxPortsExhausted - 5 -This determines how many connection requests the host can refuse before SYN flood protection is initiated. TCPMaxDataRetransmission - 3 - This value determines how many times TCP will retransmit an unacknowledged data segment to an already existing connection. EnableDeadGWDetect - 0 - This value dis-allows the host to determine if the default gateway is dead and allow it to change it to a backup gateway listed in the TCP/IP properties of the network adapter. 针对winsock应用 HKLM\System\CurrentControlSet\Services\AFD\Parameters EnableDynamicBacklog - 1 - Enables the dynamic backlog MinimumDynamicBacklog - 20 - Sets the minimum number of free connections to the Winsock endpoints. MaximumDynamicBacklog - 20,000 - Sets the maximum limit of half-open and free connections to the Winsock endpoints DynamicBacklogGrowthDelta - 10 - Sets the number of Winsock endpoints for an allocation pool.

comments powered by Disqus