
CCIE Security Practice Labs by Fahim Hussain Yusuf Bhaiji


Section 10.0: Security Violations

10.1. TCP SYN DoS Attack

  1. Configure the TCP Intercept feature on R1 to protect TCP servers from TCP SYN-flooding attacks.

  2. Configure an ACL so that TCP Intercept protects only network 172.16.4.0. See Example 4-56.

  3. Configure TCP Intercept in watch mode, in which the router watches all TCP connections that pass through it. If a connection does not complete the three-way handshake within the time specified, the router drops it by sending a reset. See Example 4-56.

    Example 4-56. Snip from R1 Config
    ip tcp intercept list 102
    ip tcp intercept watch-timeout 15
    ip tcp intercept mode watch
    access-list 102 permit tcp any 172.16.4.0 0.0.0.255
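
The following Python sketch is an added example, not part of the book or of Cisco's implementation. It models the watch-mode behavior described in step 3 using the ACL 102 wildcard match and the 15-second watch timeout from Example 4-56; the event tuple layout, the function names, and the sample packets are assumptions constructed for illustration.

```python
import ipaddress

# Values from Example 4-56 (ACL 102 and the watch timeout).
ACL_NET, ACL_WILDCARD, WATCH_TIMEOUT = "172.16.4.0", "0.0.0.255", 15

def acl_match(dst, net=ACL_NET, wildcard=ACL_WILDCARD):
    """IOS wildcard match: bits set to 1 in the wildcard are ignored."""
    care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
    return (int(ipaddress.IPv4Address(dst)) & care) == (int(ipaddress.IPv4Address(net)) & care)

def watch(events, timeout=WATCH_TIMEOUT):
    """Simplified watch-mode model (an assumption, not Cisco's implementation).

    events: time-ordered (t, src, sport, dst, dport, flag) tuples, flag "SYN"
    or "ACK", both sent by the client. Returns [(reset_time, conn)] for watched
    connections whose handshake did not complete within `timeout` seconds.
    """
    half_open, resets = {}, []

    def expire(now):
        for conn, t0 in list(half_open.items()):
            if t0 + timeout <= now:
                resets.append((t0 + timeout, conn))
                del half_open[conn]

    for t, src, sport, dst, dport, flag in events:
        expire(t)
        conn = (src, sport, dst, dport)
        if flag == "SYN" and acl_match(dst):
            half_open.setdefault(conn, t)  # a retransmitted SYN keeps the first timestamp
        elif flag == "ACK":
            half_open.pop(conn, None)      # handshake completed in time
    expire(float("inf"))                   # trace ended: remaining entries time out
    return sorted(resets)

# Constructed sample traffic (documentation address ranges as clients).
SAMPLE = [
    (0.0, "198.51.100.7", 40001, "172.16.4.10", 80, "SYN"),  # completes below
    (0.2, "198.51.100.7", 40001, "172.16.4.10", 80, "ACK"),
    (1.0, "203.0.113.9", 40002, "172.16.4.10", 80, "SYN"),   # never completes in time
    (2.0, "203.0.113.9", 40003, "172.16.5.10", 80, "SYN"),   # not matched by ACL 102
    (30.0, "203.0.113.9", 40002, "172.16.4.10", 80, "ACK"),  # arrives after the timeout
]

if __name__ == "__main__":
    for when, conn in watch(SAMPLE):
        print(f"t={when:.1f}s reset {conn}")
```

Only the second connection is reset: the first completes its handshake, and the third targets 172.16.5.10, which ACL 102 does not match, so the router does not watch it.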
    

TIP

For more information about TCP Intercept (preventing DoS), refer to the ...
