Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1103
Views
0
Helpful
2
Replies

SYN flood ASA

michelerossi
Level 1
Level 1

‎01-09-2008 11:54 PM - edited ‎03-11-2019 04:45 AM

Hi,

Could I Disabled the "SYN flood" control in the ASA version 8.03 ?

The IDS Module is disbled.

Is it posssible ?

Thanks

Labels:
0 Helpful
2 Replies 2

ebreniz
Level 6
Level 6

‎01-16-2008 11:45 AM

Yes you can Disabled the "SYN flood. It is the normalizer that detects the Syn Flood and, and can do syn cookies for protection of the Syn Flood. But as the ASA does the normalization, the normalizer is not running on the AIP-SSM and will not detect the Syn Flood on the AIP-SSM. So you need to rely on the ASA's Syn Flood protection (the ASA itself does Syn Cookies).

If this were an Appliance then the Appliance does run the Normalizer and is able to detect the Syn Flood and use Syn Cookies for protection (to turn on the Syn Cookie protection configure modify-packet-inline on sig 3050).

0 Helpful

michelerossi
Level 1
Level 1
In response to ebreniz

‎01-18-2008 12:03 AM

Have you got an example config of the Asa to do This ?

Thanks.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card