Mitigating SYN Flood Attack with Cisco ASA/Checkpoint/PaloAlto Firewalls

0
41

Mitigating SYN Flood Attack with Cisco ASA/Checkpoint/PaloAlto Firewalls:-

SYN Flood Attack :-
• An arriving SYN sends the “connection” into SYN-RCVD state
• It can stay in this state for quite a while, awaiting the acknowledgment of the SYN+ACK packet, and tying up memory
• For this reason, the number of connections for a given port in SYN-RCVD state is limited
• Further SYN packets for that port are dropped
• The trick is the address forgery — if the attacker impersonates a non-existent host, neither the SYN+ACK nor a RST will ever arrive
• The port is thus blocked

Watch Now :-

Also Check :- Perform DDOS Attack with Hping Command

How to View SYN-Flood attack using the Command Prompt

Advertisements