請問路由器出現TCP SYN Flooding怎麼解決??

Log File

2010/11/07 05:48:51 : **TCP SYN Flooding** from 123.0.215.159
2010/11/07 05:48:50 : **TCP SYN Flooding** from 203.217.101.106
2010/11/07 05:48:49 : **TCP SYN Flooding** from 221.223.135.40
2010/11/07 05:48:48 : **TCP SYN Flooding** from 183.6.255.121
2010/11/07 05:48:46 : **TCP SYN Flooding** from 125.231.212.3
2010/11/07 05:48:45 : **TCP SYN Flooding** from 58.99.68.165
2010/11/07 05:48:44 : **TCP SYN Flooding** from 183.33.239.187
2010/11/07 05:48:43 : **TCP SYN Flooding** from 112.118.207.164
2010/11/07 05:48:42 : **TCP SYN Flooding** from 124.212.223.203
2010/11/07 05:48:40 : **TCP SYN Flooding** from 219.69.107.135
2010/11/07 05:48:39 : **TCP SYN Flooding** from 117.79.83.163
2010/11/07 05:48:38 : **TCP SYN Flooding** from 61.57.144.123
2010/11/07 05:48:37 : **TCP SYN Flooding** from 210.6.95.38
2010/11/07 05:48:36 : **TCP SYN Flooding** from 119.246.161.239
2010/11/07 05:47:32 : **TCP SYN Flooding** from 119.247.74.49
2010/11/07 05:47:29 : **TCP SYN Flooding** from 61.20.171.108
2010/11/07 05:47:28 : **TCP SYN Flooding** from 60.5.78.140
2010/11/07 05:47:27 : **TCP SYN Flooding** from 112.105.90.198
2010/11/07 05:47:26 : **TCP SYN Flooding** from 61.228.158.102
2010/11/07 05:47:25 : **TCP SYN Flooding** from 222.76.38.119
2010/11/07 05:47:23 : **TCP SYN Flooding** from 211.20.65.188
2010/11/07 05:47:22 : **TCP SYN Flooding** from 219.84.2.130
2010/11/07 05:47:21 : **TCP SYN Flooding** from 125.203.228.118
2010/11/07 05:47:20 : **TCP SYN Flooding** from 183.14.55.115
2010/11/07 05:47:19 : **TCP SYN Flooding** from 183.6.255.121
2010/11/07 05:47:18 : **TCP SYN Flooding** from 119.246.161.239
2010/11/07 05:47:17 : **TCP SYN Flooding** from 114.32.84.229
2010/11/07 05:47:16 : **TCP SYN Flooding** from 180.9.17.103
2010/11/07 05:47:15 : **TCP SYN Flooding** from 183.179.243.119
2010/11/07 05:47:14 : **TCP SYN Flooding** from 219.77.167.142
2010/11/07 05:47:12 : **TCP SYN Flooding** from 114.136.245.143
2010/11/07 05:47:11 : **TCP SYN Flooding** from 221.225.84.247
2010/11/07 05:47:10 : **TCP SYN Flooding** from 113.253.201.27
2010/11/07 05:47:09 : **TCP SYN Flooding** from 119.246.161.239
2010/11/07 05:45:41 : **TCP SYN Flooding** from 122.73.49.159
2010/11/07 05:45:40 : **TCP SYN Flooding** from 125.203.228.118
2010/11/07 05:45:39 : **TCP SYN Flooding** from 119.14.199.240
2010/11/07 05:45:38 : **TCP SYN Flooding** from 220.142.162.172
2010/11/07 05:45:37 : **TCP SYN Flooding** from 58.114.209.79
2010/11/07 05:45:36 : **TCP SYN Flooding** from 203.80.68.62
2010/11/07 05:45:35 : **TCP SYN Flooding** from 123.202.182.56
2010/11/07 05:45:34 : **TCP SYN Flooding** from 125.230.64.87

請大大幫忙...
謝謝~:(

There is, as yet, no generally accepted solution to this problem with the current IP protocol technology. However, proper router configuration can reduce the likelihood that your site will be the source of one of these attacks.

Appendix A contains details about how to filter packets to reduce the number of IP-spoofed packets entering and exiting your network. It also contains a list of vendors that have reported support for this type of filtering.

NOTE to Internet Service Providers:

We STRONGLY urge you to install these filters in your routers to protect your customers against this type of an attack. Although these filters do not directly protect your customers from attack, the filters do prevent attacks from originating at the sites of any of your customers. We are aware of the ramifications of these filters on some current Mobile IP schemes and are seeking a position statement from the appropriate organizations.

NOTE to customers of Internet service providers:

We STRONGLY recommend that you contact your service provider to verify that the necessary filters are in place to protect your network.

Many networking experts are working together to devise improvements to existing IP implementations to "harden" kernels to this type of attack. When these improvements become available, we suggest that you install them on all your systems as soon as possible. This advisory will be updated to reflect changes made by the vendor
-----------------------------------
真的有问题就封ip吧

引用

最初由 atkio 发布
There is, as yet, no generally accepted solution to this problem with the current IP protocol technology. However, proper router configuration can reduce the likelihood that your site will be the source of one of these attacks.

Appendix A contains details about how to filter packets to reduce the number of IP-spoofed packets entering and exiting your network. It also contains a list of vendors that have reported support for this type of filtering.

NOTE to Internet Service Providers:

We STRONGLY urge you to install these filters in your routers to protect your customers against this type of an attack. Although these filters do not directly protect your customers from attack, the filters do prevent attacks from originating at the sites of any of your customers. We are aware of the ramifications of these filters on some current Mobile IP schemes and are seeking a position statement from the appropriate organizations.

NOTE to customers of Internet service providers:

We STRONGLY recommend that you contact your service provider to verify that the necessary filters are in place to protect your network.

Many networking experts are working together to devise improvements to existing IP implementations to "harden" kernels to this type of attack. When these improvements become available, we suggest that you install them on all your systems as soon as possible. This advisory will be updated to reflect changes made by the vendor
-----------------------------------
真的有问题就封ip吧

这年头不会有人用固定IP做SYN Flooding攻击吧

如果路由器不带防御功能，这类攻击基本就没法防御

1pps的攻击…………这也能算攻击？

无视之就可以了

100Kpps以上的才算比较有力的攻击

那有可能是局域网里的迅雷、P2P等程序造成的