Setting Strict SYN Checking (CLI Procedure)

With strict SYN checking enabled, the device enables the strict three-way handshake check for the TCP session. It enhances security by dropping data packets before the three-way handshake is done. TCP strict SYN checking is disabled by default.

Note: The strict-syn-check option cannot be enabled if no-syn-check or no-syn-check-in-tunnel is enabled.

To enable strict SYN checking:

user@host#set security flow tcp-session strict-syn-check

Related Topics

Copyright© 1999-2010 Juniper Networks, Inc. All rights reserved.