Syn and scaning attack on ASA

Unanswered Question
Feb 20th, 2009

Is it possible that Syn and Scanning attack can bring down my network?Especially can my internet goes unusable?

I checked the logs and after syslog error msg 733100 and 419002.

Now internet comes back only after restarting my router..

This is happening quite often.

Any pointer on it.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
vkapoor5 Thu, 02/26/2009 - 18:46

A SYN flood attack occurs during the three-way handshake that marks the onset of a TCP connection. In the three-way handshake, a client requests a new connection by sending a TCP SYN packet to a server. After that, the server sends a SYN/ACK packet back to the client and places the connection request in a queue. Finally, the client acknowledges the SYN/ACK packet. If an attack occurs, however, the attacker sends an abundance of TCP SYN packets to the victim, obliging it both to open a lot of TCP connections and to respond to them. Then the attacker does not execute the third step of the three-way handshake that follows, rendering the victim unable to accept any new incoming connections, because its queue is full of half-open TCP connections.


This Discussion