Table of Contents
Advertisement
Left running head:
Chapter name (automatic)
Filter and Firewall
-
-
TCP
SYN
FLOOD
tcp-syn-flood [{threshold <1-4294967295> <1-4294967295>
|timeout <1-4294967295>}]
D
ESCRIPTION
The server builds in its system memory a data structure describing all pending
connections. This data structure is of finite size, and it can be made to overflow by
intentionally creating too many partially-open connections. Systems providing
TCP-based services to the Internet community may be unable to provide services
while under this attack and for some time after this attack ceases. To protect the
system from this attack, use this command.
P
ARAMETERS
Parameter
threshold
1-4294967295
1-4294967295
timeout <1-4294967295>
D
V
EFAULT
ALUE
•
2 packets per 10 milliseconds
•
5000 microseconds is the Default
E
XAMPLE
Consider the following example, here if you do not explicitly provide the threshold
value for the attack, the default value is taken:
ALU(config-attack A4)# tcp-syn-flood
628
Beta
Threshold limit set.
Number of packets permissible within a defined
interval.
The limiting time to which the packets can be sent.
TCP Proxy timeout in seconds
Alcatel-Lucent
OmniAccess 700 CLI Command Reference Guide
Description
Beta
Advertisement
Table of Contents
