how secure from SYNC ATTACK

how secure from SYNC ATTACK (Full Version)

All Forums >> [ISA 2006 Firewall] >> Access Policies

Message

z_haseeb -> how secure from SYNC ATTACK (22.Jun.2008 2:18:03 AM)
i am using windows2003Srv+ISA2006EE. i can i secure my ISA2006EE from Sync attack?kindly help me regarding configuration.

paulo.oliveira -> RE: how secure from SYNC ATTACK (23.Jun.2008 8:06:59 AM)
Hi, ISA already comes configured against flood mitigation. To check this you can go to Configuration - General - Configure flood Mitigation Settings, check the Maximum half-open TCP connections. [;)] Regards, Paulo Oliveira.

z_haseeb -> RE: how secure from SYNC ATTACK (23.Jun.2008 8:23:42 AM)
i have seen the configuration which you told regarding half open.its showing 80 default.why its 80?why the half open is not 4 or 5?whys this feature is disabled at 80

paulo.oliveira -> RE: how secure from SYNC ATTACK (23.Jun.2008 9:45:45 AM)
Hi, this feature is not disabled. To configure it to 4 or 5, you need to configure the Maximum concurrent TCP connection per IP address to 8, for example. Please read the description of the Maximun half-open connections and you´ll understand better. [;)] Regards, Paulo Oliveira.

z_haseeb -> RE: how secure from SYNC ATTACK (24.Jun.2008 5:36:57 AM)
i decrease all the values in the flood mitigation in ISA2006EE but when clients are ping to server they gets request timeout.i think server is not handling the SYB_ATTACK

paulo.oliveira -> RE: how secure from SYNC ATTACK (24.Jun.2008 8:52:00 AM)
Hi, what kind of test are you doing to ISA reconize this ping as SYN_ATTACK? Is this client configured to ping the ISA firewall? Did you check the Result Code column? Regards, Paulo Oliveira.

Page: [1]