 | Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |
Checking for SYN flags can also prevent attackers from using IP source route options to hide their true address and access restricted areas of a network by specifying a different path. TCP SYN checking is on by default.
|
Before You Begin |
|---|
|
For background information, read Understanding Attacker Evasion Techniques. |
You can use either J-Web or the CLI configuration editor to detect and record, but not block, packets with a loose or strict source route option set.
This topic covers:
| Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |