Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


fin-no-ack (IDS Screen Next Gen Services)



Hierarchy Level

Release Information

Statement introduced in Junos OS Release 19.3R2 on MX Series routers (MX240, MX480 and MX960) running Next Gen Services with the MX-SPC3 services card.


Identify and drop any packet with a FIN flag set and without the ACK flag set. The TPC FIN No Ack attack can allow the attacker to identify the operating system of the target or to identify open ports on the target.

Required Privilege Level

interface—To view this statement in the configuration.

interface-control—To add this statement to the configuration.