Configuring TCP fin-no-ack Attack Screen

This topic describes how to configure detection of the TCP fin-no-ack attack. A TCP header with the FIN flag set but not the ACK flag is anomalous TCP behavior.

To enable the IDS option that detects a FIN bit with no ACK bit:

  1. Configure interfaces and assign an IP address to interfaces.
  2. Configure security zones trustZone and untrustZone and assign interfaces to them.
  3. Configure security policies from untrustZone to trustZone.
  4. Configure security screens and attach them to untrustZone.
  5. Configure syslog.
  6. Commit the configuration.
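
The six steps above as one configuration-mode sequence. This is an added example, not configuration taken from this topic: the interface names, the addresses (documentation ranges), and the names permit-all, finNoAckScreen and screen-log are placeholders; only the zone names trustZone and untrustZone come from the steps.

```junos
# 1. Interfaces and addresses (placeholder interfaces, documentation-range addresses)
set interfaces ge-0/0/1 unit 0 family inet address 192.0.2.1/24
set interfaces ge-0/0/3 unit 0 family inet address 198.51.100.1/24

# 2. Security zones and their interfaces
set security zones security-zone trustZone interfaces ge-0/0/1.0
set security zones security-zone untrustZone interfaces ge-0/0/3.0

# 3. Policy from untrustZone to trustZone (placeholder policy name;
#    narrow the match conditions to the traffic the trust side actually needs)
set security policies from-zone untrustZone to-zone trustZone policy permit-all match source-address any
set security policies from-zone untrustZone to-zone trustZone policy permit-all match destination-address any
set security policies from-zone untrustZone to-zone trustZone policy permit-all match application any
set security policies from-zone untrustZone to-zone trustZone policy permit-all then permit

# 4. Screen with the fin-no-ack IDS option, attached to the zone where traffic enters
set security screen ids-option finNoAckScreen tcp fin-no-ack
set security zones security-zone untrustZone screen finNoAckScreen

# 5. Syslog file that receives the screen events (placeholder file name)
set system syslog file screen-log any any

# 6. Commit
commit
```

After the commit, `show security screen ids-option finNoAckScreen` confirms the option is set, and `show security screen statistics zone untrustZone` shows the screen counters for the zone.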