[Contents] [Prev] [Next] [Index] [Report an Error]

Setting TCP SYN Checking (CLI Procedure)

With SYN checking enabled, the device rejects TCP segments with non-SYN flags set unless they belong to an established session. Enabling SYN checking can help prevent attacker reconnaissance and session table floods. TCP SYN checking is enabled by default.

To disable SYN checking:

user@host#set security flow tcp-session no-syn-check

Related Topics

[Contents] [Prev] [Next] [Index] [Report an Error]


[an error occurred while processing this directive]