Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Syn and scaning attack on ASA

Is it possible that Syn and Scanning attack can bring down my network?Especially can my internet goes unusable?

I checked the logs and after syslog error msg 733100 and 419002.

Now internet comes back only after restarting my router..

This is happening quite often.

Any pointer on it.

Reg,

Sushil

1 REPLY
Bronze

Re: Syn and scaning attack on ASA

A SYN flood attack occurs during the three-way handshake that marks the onset of a TCP connection. In the three-way handshake, a client requests a new connection by sending a TCP SYN packet to a server. After that, the server sends a SYN/ACK packet back to the client and places the connection request in a queue. Finally, the client acknowledges the SYN/ACK packet. If an attack occurs, however, the attacker sends an abundance of TCP SYN packets to the victim, obliging it both to open a lot of TCP connections and to respond to them. Then the attacker does not execute the third step of the three-way handshake that follows, rendering the victim unable to accept any new incoming connections, because its queue is full of half-open TCP connections.

468
Views
0
Helpful
1
Replies