[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    CLOSE_WAIT state problem on Solaris 8
From:       "Jimmy Lim" <jimmy () tricom ! com ! ph>
Date:       2003-12-18 22:21:06
[Download RAW message or body]

Ooops, sorry for not putting a subject on my question

Hi,

I'm getting a lot of CLOSE_WAIT state which seems to be due to DoS attacks
which renders our tcp/ip application service unusable after some time, and
I have to restart the service from time to time just to brush off these
connections with a CLOSE_WAIT status. The service only allows a limited
amount of connections and can no longer service more connections until the
CLOSE_WAIT tcp connections is closed.

Is there a way in IPFilter to close connections with CLOSE_WAIT state
instead of using 'ndd -set /dev/tcp tcp_time_wait_interval' in solaris? I
have set the value for only 60 seconds but seems, this does not work and I
could still see a CLOSE_WAIT even if there's no longer any tcp activity.


Best Regards,


--
Jimmy Lim
IT Operation & Support Team Leader
Tricom
[prev in list] [next in list] [prev in thread] [next in thread]