Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
531
Views
0
Helpful
1
Replies

FIN sweep to external networks

rttsui
Level 1
Level 1

‎10-19-2001 05:53 PM - edited ‎03-08-2019 08:54 PM

Please give me some pointers about the following, where to get more info etc. Thanks.

1) All the FIN-sweep-related IDS events that were logged in our system has our ip addr as the destination.

Is it because IDS chooses to monitor fin sweeps targeted at the local network only, or is it because of other technical reasons: not feasible to keep track of the 3-way handshakes or closed/not-open connections, or we need to tune our configuration.

2) what is the default for the AlarmThrottle parm, if it is not set?

Labels:
0 Helpful
1 Reply 1

ciscomoderator
Community Manager
Community Manager

‎10-29-2001 03:48 PM

Since there has been no response to your post, it appears to be either too complex or too rare an issue for other forum members to assist you. If you don't get a suitable response to your post, you may wish to review our resources at the online Technical Assistance Center (http://www.cisco.com/tac) or speak with a TAC engineer. You can open a TAC case online at http://www.cisco.com/tac/caseopen

If anyone else in the forum has some advice, please reply to this thread.

Thank you for posting.

0 Helpful
Customers Also Viewed These Support Documents