syn-ack-ack-proxy
Syntax
syn-ack-ack-proxy; { threshold number, }
Hierarchy Level
[edit security screen ids-option screen-name tcp]
Description
Prevent the SYN-ACK-ACK attack, which occurs when the attacker establishes multiple telnet sessions without allowing each session to terminate. This behavior consumes all open slots, generating a denial-of-service (DoS) condition.
Options
threshold number
— Number of connections from any single IP address.
Range: 1 through 250,000
Default: 512
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 8.5; support.