Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
717
Views
0
Helpful
1
Replies

ASA 5520 False SYN attacks?

ericn8484_2
Level 1
Level 1

‎11-03-2009 10:56 AM - edited ‎03-11-2019 09:35 AM

I noticed that our ASA firewall is showing false SYN attacks. When I look at them, I see such things as our AS400 sending print jobs to a remote facility with an IPSEC tunnel, another example is our PC's connecting to an outsourced content filtering solution.

Is there any way to tell the Cisco ASA firewall that these are not SYN attacks and that its acceptable traffic?

Labels:
0 Helpful
1 Reply 1

Panos Kampanakis
Cisco Employee
Cisco Employee

‎11-04-2009 07:17 AM

Is threat detection showing those as SYN attacks?

If yes I don't think there is something you can do to exclude these hosts from being flagged.

But you can change the attack threat detection thresholds on your ASA so that it doesn't bark about attacks.

I hope it helps.

PK

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card