Syn and scaning attack on ASA

Unanswered Question

Is it possible that Syn and Scanning attack can bring down my network?Especially can my internet goes unusable?

I checked the logs and after syslog error msg 733100 and 419002.

Now internet comes back only after restarting my router..

This is happening quite often.

Any pointer on it.

Reg,

Sushil

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
vkapoor5 Thu, 02/26/2009 - 18:46

A SYN flood attack occurs during the three-way handshake that marks the onset of a TCP connection. In the three-way handshake, a client requests a new connection by sending a TCP SYN packet to a server. After that, the server sends a SYN/ACK packet back to the client and places the connection request in a queue. Finally, the client acknowledges the SYN/ACK packet. If an attack occurs, however, the attacker sends an abundance of TCP SYN packets to the victim, obliging it both to open a lot of TCP connections and to respond to them. Then the attacker does not execute the third step of the three-way handshake that follows, rendering the victim unable to accept any new incoming connections, because its queue is full of half-open TCP connections.

Actions

This Discussion