syn-ack-ack-proxy
Syntax
syn-ack-ack-proxy; {
threshold number,
}
Hierarchy Level
[edit security screen ids-option screen-name tcp]
Release Information
Statement introduced in Junos OS Release 8.5; support.
Description
Prevent the SYN-ACK-ACK attack, which occurs when the attacker establishes multiple telnet sessions without allowing each session to terminate. This behavior consumes all open slots, generating a denial-of-service (DoS) condition.
Options
threshold number — Number of connections from any single IP address.
Range: 1 through 250,000
Default: 512
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.