Kernel params used for synfloods

echo 1 > /proc/sys/net/ipv4/tcp_syncookies
echo 45 > /proc/sys/net/netfilter/nf_conntrack_tcp_timeout_syn_recv
echo 3 > /proc/sys/net/ipv4/tcp_synack_retries
echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter
echo 1 > /proc/sys/net/ipv4/tcp_tw_recycle

I tried to use these common values to help deter a syn flood from occurring. Syn-cookies challenges the other opponent. While you change the default timing of syn_recv from 60 seconds to 45 seconds which would also be the equivalent of 3 tcP_synack_retries.

Last but not least, reuse that old ttimewait port. 🙂

Getting tired of a Synflood?

This dirty last ditch modification to the kernel will force close connections after so many seconds. The default is 60.

echo 30 > /proc/sys/net/ipv4/tcp_fin_timeout

This will tell everyone that you have 30 seconds to finish or else I will drop your connection. This is good in a pinch, but do not recommend running this at all times.

Instant kernel panic

After researching what could cause an instant kernel panic with no documentation or messages in kdump, I found that if manually execute the following code (warning: will cause system disruption, I am not held responsible for your copy and pasting):

echo c > /proc/sysrq-trigger

More information regarding this can be found on the Old Internet Archives at

while loop (true)

Need to execute a set of commands in a loop, non-stop?

while true; do killall -9 program; sleep 3; done

This will tell your Linux O/S do killall -9, sleep for 3 seconds, and start it again. This is great if you don’t have access to a crontab or just need it for a quick fix.


Do you need to check the zone file syntax via command line after making a change. You can run the following:

named-checkzone /var/named/

Results should be similar to

zone loaded serial 20190xxxxx

Linux Kernel Tuning

Do you need help tweaking your Linux operating system for the best performance? Just contact me and I’ll be more than happy to assist you.

Tuning involves I/O scheduler tuning, ACPI power management, networking performance tuning, and even web-site tuning *WordPress/Joomla!*.

Contact me

KVM *dump xml*

If you ever need to gain VNC access to a KVM virtual server and you are not sure what ip, port, or even password is needed to access VNC to a KVM VM, enter this from command line:

virsh dumpxml <kvm> –security-info

Replace <kvm> with the name of your virtual machine. You can get the names by running:

virsh list

Quickly (Un)Suspend Email in Cpanel

If you need to quickly suspend e-mail for an e-mail address in cPanel and do not want to do this via the GUI, issue the following from command line as root:

whmapi1 suspend_outgoing_email user=$cpuser

Of course you’ll want to replace $cpuser with the username of the cpanel account you’d like to suspend e-mail for. The same thing goes for un-suspending:

whmapi1 suspend_outgoing_email user=$cpuser