Configuring TCP Intercept
IOS's TCP intercept feature can be used to prevent some types of denial-of-service (DoS) attacks, but it should not be used in conjunction with CBAC. The TCP intercept feature implements software to protect servers running TCP from a TCP SYN-flood attack. A TCP SYN-flood attack occurs when a hacker floods a server with a barrage of TCP synchronization (SYN) requests for a connection. These requests are from forged addresses that have unreachable return addresses, resulting in half-open sessions on the server. When the resulting volume of half-open connections reaches a certain threshold, the sessions eventually overwhelm the server and might cause it to start denying service to valid users of your offered services. These ...
Get CCIE Practical Studies: Security (CCIE Self-Study) now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.