Example: Protecting Against a SYN-ACK-ACK Proxy Flood Attack (CLI)
The following example shows you how to enable protection against a SYN-ACK-ACK proxy flood. (The value unit is connections per source address. The default value is 512 connections from any single address.) In the example, the specified zone is where the attack originated.
user@host# set security screen ids-option 1000-syn-ack-ack-proxy
tcp syn-ack-ack-proxy threshold 1000user@host# set security zones security-zone zone screen
1000-syn-ack-ack-proxy
Related Topics
- JUNOS Software Feature Support Reference for SRX Series and J Series Devices