
Cisco ASA feature on sequence number

eppietong
Level 1

I have a server that has an old kernel that is vulnerable to a security weakness related to TCP sequence number generation. This is now put behind a Cisco ASA 5510 and statically mapped to an external IP. Will the Cisco ASA intercept the traffic and re-generate a randomized sequence number on behalf of the server?

Thanks

Eppie

2 Replies

eppietong
Level 1

Is this under the feature of Sequence Number Randomization (SNR) of the ASA?

Hi Eppie,

That is correct, the ASA as part of the security mechanisms and the Stateful firewall algorithm will randomize the sequence number.

This option can be enabled by host also. By default, it is being done for all of the internal hosts.

Mike
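
A simplified model of the sequence number randomization discussed in this thread, added as an illustration and not taken from the posts or from Cisco's implementation: the firewall picks a random offset per connection, adds it to sequence numbers leaving the protected host, and subtracts it from ACKs coming back. The class and function names, the fixed-step ISN generator and the addresses are all constructed for the example.

```python
import secrets

MOD = 2**32  # TCP sequence numbers are 32-bit and wrap around


class SeqRandomizer:
    """Toy model of a stateful firewall that hides a protected host's ISNs."""

    def __init__(self):
        self.delta = {}  # flow tuple -> random per-connection offset

    def outbound(self, flow, seq, syn=False):
        """Segment from the protected host: shift its sequence number."""
        if syn:  # SYN or SYN/ACK from the inside host starts a new offset
            self.delta[flow] = secrets.randbelow(MOD)
        return (seq + self.delta[flow]) % MOD

    def inbound(self, flow, ack):
        """Segment from the outside peer: shift its ACK back for the host."""
        return (ack - self.delta[flow]) % MOD


def predictable_isn(counter, step=64000):
    """Constructed weak generator: ISN grows by a fixed step per connection."""
    return (counter * step) % MOD


def demo():
    """Run three connections; return (host ISN, ISN on the wire, ACK the host sees)."""
    fw = SeqRandomizer()
    seen = []
    for n in range(1, 4):
        flow = ("198.51.100.7", 40000 + n, "10.0.0.5", 80)  # constructed addresses
        isn = predictable_isn(n)
        wire_isn = fw.outbound(flow, isn, syn=True)  # SYN/ACK as seen outside
        peer_ack = (wire_isn + 1) % MOD              # client ACKs what it saw
        host_ack = fw.inbound(flow, peer_ack)        # host sees its own numbering
        seen.append((isn, wire_isn, host_ack))
    return seen


if __name__ == "__main__":
    for isn, wire_isn, host_ack in demo():
        print(f"host ISN {isn:>10}  wire ISN {wire_isn:>10}  ACK at host {host_ack:>10}")
```

Any TCP option that carries the protected host's sequence numbers, such as SACK blocks sent by the peer, would need the same translation as the ACK field.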
