Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

syn-frag (IDS Screen Next Gen Services)

Syntax

Hierarchy Level

Description

Identify and drop SYN packet fragments. In TCP SYN fragment attacks, the target caches SYN fragments, waiting for the remaining fragments to arrive so it can reassemble them and complete the connection. A flood of SYN fragments eventually fills the host’s memory buffer, preventing valid traffic connections.

Required Privilege Level

interface—To view this statement in the configuration.

interface-control—To add this statement to the configuration.

Release Information

Statement introduced in Junos OS Release 19.3R2.

Related Documentation