 | Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |
With SYN checking enabled, the Juniper Networks device rejects TCP segments with non-SYN flags set unless they belong to an established session. Enabling SYN checking can help prevent attacker reconnaissance and session table floods.
|
Before You Begin |
|---|
|
For background information, read Understanding Attacker Evasion Techniques. |
You can use either J-Web or the CLI configuration editor to disable SYN checking. TCP SYN checking is on by default.
This topic covers:
| Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |