01-09-2008 11:54 PM - edited 03-11-2019 04:45 AM
Hi,
Could I Disabled the "SYN flood" control in the ASA version 8.03 ?
The IDS Module is disbled.
Is it posssible ?
Thanks
01-16-2008 11:45 AM
Yes you can Disabled the "SYN flood. It is the normalizer that detects the Syn Flood and, and can do syn cookies for protection of the Syn Flood. But as the ASA does the normalization, the normalizer is not running on the AIP-SSM and will not detect the Syn Flood on the AIP-SSM. So you need to rely on the ASA's Syn Flood protection (the ASA itself does Syn Cookies).
If this were an Appliance then the Appliance does run the Normalizer and is able to detect the Syn Flood and use Syn Cookies for protection (to turn on the Syn Cookie protection configure modify-packet-inline on sig 3050).
01-18-2008 12:03 AM
Have you got an example config of the Asa to do This ?
Thanks.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide