Hi, my webserver reports sometimes a Jan 20 14:02:11 xxxxxxxx kernel: possible SYN flooding on port 80. Sending cookies. Jan 20 14:02:11 xxxxxxxx kernel: klogd 1.3-3, ---------- state change ---------- Jan 20 14:02:11 xxxxxxxx kernel: Inspecting /boot/System.map-2.2.18 Jan 20 14:02:11 xxxxxxxx kernel: Loaded 10080 symbols from /boot/System.map-2.2.18. Jan 20 14:02:11 xxxxxxxx kernel: Symbols match kernel version 2.2.18. Jan 20 14:02:11 xxxxxxxx kernel: Loaded 258 symbols from 2 modules. So I think its no attack than a high traffic on my webserver. So what can I do? Is it possible to disable the SYN flood protection for port 80 (I didn't like to it) or can I modify the detection parameters of this protection routine? (I didn't like to read the kernel sources and re-compile it :-) Thx a lot... Kai EOT