Basic Attack Prevention
The TCP intercept and unicast reverse path forwarding features of the IOS enable you to configure some basic security against two types of denial-of-service attacks: TCP SYN flooding and source IP address forgery.
A denial-of-service (DoS) attack is one in which a hacker overwhelms a network resource with traffic intended not to harm data, but to utilize enough resources on the network resource so that it cannot perform its intended function. For example, a TCP SYN (synchronization) flood attack occurs when a hacker floods a server with a large number of TCP SYN requests (used to initiate a TCP connection) from an invalid source IP address. Each of these requests has an unreachable source IP address that means that the ...
Get Cisco Router Configuration, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
