https://community.cisco.com/t5/network-security/asa-5520-false-syn-attacks/m-p/1249424#M778567 <HTML><HEAD></HEAD><BODY><P>Is threat detection showing those as SYN attacks?</P><P></P><P>If yes I don't think there is something you can do to exclude these hosts from being flagged. </P><P>But you can change the attack threat detection thresholds on your ASA so that it doesn't bark about attacks.</P><P></P><P>I hope it helps.</P><P></P><P>PK</P></BODY></HTML> Wed, 04 Nov 2009 15:17:18 GMT Panos Kampanakis 2009-11-04T15:17:18Z https://community.cisco.com/t5/network-security/asa-5520-false-syn-attacks/m-p/1249423#M778552 <P>I noticed that our ASA firewall is showing false SYN attacks. When I look at them, I see such things as our AS400 sending print jobs to a remote facility with an IPSEC tunnel, another example is our PC's connecting to an outsourced content filtering solution.</P><P></P><P>Is there any way to tell the Cisco ASA firewall that these are not SYN attacks and that its acceptable traffic?</P> Mon, 11 Mar 2019 16:35:33 GMT https://community.cisco.com/t5/network-security/asa-5520-false-syn-attacks/m-p/1249423#M778552 ericn8484_2 2019-03-11T16:35:33Z https://community.cisco.com/t5/network-security/asa-5520-false-syn-attacks/m-p/1249424#M778567 <HTML><HEAD></HEAD><BODY><P>Is threat detection showing those as SYN attacks?</P><P></P><P>If yes I don't think there is something you can do to exclude these hosts from being flagged. </P><P>But you can change the attack threat detection thresholds on your ASA so that it doesn't bark about attacks.</P><P></P><P>I hope it helps.</P><P></P><P>PK</P></BODY></HTML> Wed, 04 Nov 2009 15:17:18 GMT https://community.cisco.com/t5/network-security/asa-5520-false-syn-attacks/m-p/1249424#M778567 Panos Kampanakis 2009-11-04T15:17:18Z