Advertisement
Promo

Security threats Toolkit in association with http://ad.doubleclick.net/clk;214682528;14505427;f?http://uk.blackberry.com/ataglance/security/

Download now

Denial of Service Tuning for Cisco IOS Software Firewall and Intrusion Prevention System

PublisherCisco Systems
Format144.1KB PDFDate added01 Jul 2006
Topics Firewalls, Denial of Service, Intrusion Detection Systems
Downloads8

Cisco IOS Stateful Packet Inspection maintains counters of the number of "Half-open" TCP connections, as well as the total connection rate through the firewall and intrusion prevention software. These half-open connections are TCP connections that have not completed the SYN - SYN/ACK - ACK handshake that is always used by TCP peers to negotiate the parameters of their mutual connection. Cisco IOS Firewall also regards User Datagram Protocol (UDP) sessions with traffic in only one direction as "Half-open", as nearly all applications that use UDP for transport will acknowledge reception of data. UDP sessions without acknowledgement are likely indicative of DoS activity, or attempts to connect between two hosts where one of the hosts has become unresponsive.

Download now

Did you find this white paper useful?
0 out of 2 users found this white paper useful


  • Trackback
  • Clip Link

Related white papers

Enabling business growth with expert security solutions. Protecting your systems and your data

Hackers, viruses, worms, spams, spy ware and inside attacks can stop organisations growing. This white paper deals with these vunerabilities and how to achieve cost effective soultions.


Understanding Web application security challenges

Business has grown increasingly independent upon web applications and they are becoming more difficult to secure. This paper explains what you can do to protect your organization and improve Web...


Telecom Italia Sparkle and Cisco Systems Join Forces to Build S@FE

Telecom Italia Sparkle (TI Sparkle), a wholly owned subsidiary of Telecom Italia SpA, was established in 2003 with the objective of developing and consolidating the Italian Group's international wholesale and...


Laying the IT Security Foundation - Corralling Conficker and Other Threats in an Evolved Environment

The traditional security approach addresses each individual attack as it crops up through a detect and blocking schema. However in today's ever-changing IT environment, sophisticated threats such as Conficker worm...


NaviSite Managed Messaging: Who Will Manage Your Enterprise Messaging?

This paper explores messaging trends, including growth in email volume and mailbox size, and pressure to reduce costs in light of increasing technological complexity and availability requirements. The paper...


A Link Signature Based DDoS Attacker Tracing Algorithm Under IPv6

The ipv6 security architecture, IPSec, plays a positive role in the protection of IPv6 networks. To some special attacks, especially DDoS attacks, IPSec appears relatively weak, because IPSec can only...


Dynamic and Auto Responsive Solution for Distributed Denial-of-Service Attacks Detection in ISP Network

Denial of Service (DoS) attacks and more particularly the distributed ones (DDoS) are one of the latest threat and pose a grave danger to users, organizations and infrastructures of the...


White Paper

Featured White Paper

Selecting a Microsoft Hosted Exchange Service Provider

When it comes to the decision to outsource the delivery of your organisation's messaging solution, the task of selecting the most appropriate service provider can be daunting This whitepaper from Cobweb Solutions, Europe's leading Microsoft Hosted Exchange provider, is designed to help simplify that task for you, by arming you with the important ...

Download Now

Other White Papers

Business Efficiency in Unprecedented Times

In these unprecedented times, organisations are left with no choice but to seek out more and more...

Desktop Virtualization on IBM BladeCenter and System x Servers: Taking Back Control of the Desktop

"Operational efficiency is imperative in today's competitive marketplace. Thus, the IT strategies...

See All White Papers

Video icon

Video


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

Newsletters