How to secure server from SYN-flood attack using iptables

SYN-flood attack is commonly utilized as a mean to disrupt network communication and it is a form of (Distributed Denial-of-Service) DDOS attack. RFC4987 details common mitigation to deal with SYN-flood attack.

However in this post, I’m going to share you the method that I use to reduce the risk of SYN-flood attack from my department computers, with iptables
/sbin/iptables -N syn-flood
/sbin/iptables -A syn-flood -m limit –limit 100/second –limit-burst 100 -j RETURN
/sbin/iptables -A syn-flood -j LOG –log-prefix "SYN-flood attempt: "
/sbin/iptables -A syn-flood -j DROP

RFC4987 suggests the use of SYN-cookie for added protection. You can enable SYN-cookie protection in Linux by running this command (as root):
echo 1 > /proc/sys/net/ipv4/tcp_syncookies

hope that helps…

Note: I’m not a full-time sysadmin as I’ve a different dayjob, but I was put incharged in securing part of my school’s computer network, so there.

Play Dune 2 Natively on Linux with Dune Legacy

Good news to old time gamers, now you can play Dune 2 on Linux operating system natively (without dosbox or other emulator) with Dune Legacy project. For the uninitiated, (to my best knowledge), Dune 2 is the first RTS game for DOS (by Westwood, then acquired by EA Games) that spawn several other popular games in the genre such as C&C, Red Alert, Red Alert 2, etc.

Youtube video of Dune Legacy :

The Ubuntu binary (playable under Lucid Lynx) is available from – and

Naturally you would need the original data files and maps to play Dune Legacy natively on Linux. Binaries for other operating systems (Windows, Mac OS X) are also available from the Dune Legacy Project website.