https://community.cisco.com/t5/network-security/syn-flood-asa/m-p/916910#M957358 <P>Hi,</P><P></P><P>Could I Disabled the "SYN flood" control in the ASA version 8.03 ?</P><P>The IDS Module is disbled.</P><P></P><P></P><P>Is it posssible ?</P><P></P><P>Thanks</P> Mon, 11 Mar 2019 11:45:54 GMT michelerossi 2019-03-11T11:45:54Z https://community.cisco.com/t5/network-security/syn-flood-asa/m-p/916910#M957358 <P>Hi,</P><P></P><P>Could I Disabled the "SYN flood" control in the ASA version 8.03 ?</P><P>The IDS Module is disbled.</P><P></P><P></P><P>Is it posssible ?</P><P></P><P>Thanks</P> Mon, 11 Mar 2019 11:45:54 GMT https://community.cisco.com/t5/network-security/syn-flood-asa/m-p/916910#M957358 michelerossi 2019-03-11T11:45:54Z https://community.cisco.com/t5/network-security/syn-flood-asa/m-p/916911#M957359 <HTML><HEAD></HEAD><BODY><P>Yes you can Disabled the "SYN flood. It is the normalizer that detects the Syn Flood and, and can do syn cookies for protection of the Syn Flood. But as the ASA does the normalization, the normalizer is not running on the AIP-SSM and will not detect the Syn Flood on the AIP-SSM. So you need to rely on the ASA's Syn Flood protection (the ASA itself does Syn Cookies).</P><P></P><P>If this were an Appliance then the Appliance does run the Normalizer and is able to detect the Syn Flood and use Syn Cookies for protection (to turn on the Syn Cookie protection configure modify-packet-inline on sig 3050).</P></BODY></HTML> Wed, 16 Jan 2008 19:45:06 GMT https://community.cisco.com/t5/network-security/syn-flood-asa/m-p/916911#M957359 ebreniz 2008-01-16T19:45:06Z https://community.cisco.com/t5/network-security/syn-flood-asa/m-p/916912#M957360 <HTML><HEAD></HEAD><BODY><P>Have you got an example config of the Asa to do This ?</P><P></P><P>Thanks.</P></BODY></HTML> Fri, 18 Jan 2008 08:03:16 GMT https://community.cisco.com/t5/network-security/syn-flood-asa/m-p/916912#M957360 michelerossi 2008-01-18T08:03:16Z