ASP_IDS_SYN_COOKIE

[Contents] [Prev] [Next] [Index] [Report an Error]

ASP_IDS_SYN_COOKIE_ON
System Log Message

ASP_IDS_SYN_COOKIE_ON:
Host destination-address, SYN-COOKIE protection activated

Description

Intrusion detection services (IDS) activated SYN cookie protection for the indicated destination address, because it learned from the stateful firewall that the rate of certain events exceeded the threshold set by the threshold statement at the [edit services ids rule rule-name term term-name then syn-cookie] hierarchy level. The events include the ones reported by the ASP_IDS_TCP_SYN_ATTACK, ASP_SFW_SYN_DEFENSE, and ASP_SFW_TCP_SCAN system log messages. When SYN cookie protection is activated for a flow to a destination and the TCP handshake has not completed, the stateful firewall generates a SYN/ACK packet for each SYN packet directed to the destination.

Type

Event: This message reports an event, not an error

Severity

error

[Contents] [Prev] [Next] [Index] [Report an Error]