Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

TCP Syn Flow Detection

Posted By:

dhshanmu

Posted Date:

Apr 07, 2011

Category:

Security

Version:

1.1

License:

Cisco-Style BSD

Summary:

This Script detects for any abnormal increase in syn flows and can shut the concerned port

Script Modified Date:

Apr 07, 2011

Cisco IOS Version tested:

15.0(2)SG(1.27)

Cisco Products Tested:

Cat4k

Environment Variables used:

synMonitorName; flowThreshold; synMaxPercentage; synBurst; synWaitTime; debug; action;

Rating Count:

0

Average Rating:

0

File Size:

3.8 KB

Script Info URL:

The Script checks the number of syn only flows in the given netflow  monitor and raises syslog messages if any abnormal syn flows are  detected.  The flow also checks if there is sudden increase in syn only  flows for given time frame and generates syslog message for the same.   The script can also shutdown the concerned port if specified.

482
Views
0
Helpful
0
Comments