Understanding TCP Challenge-ACK: Enhancing TCP Security, Overview The TCP Challenge-ACK mechanism is an important security feature in the Transmission Control Protocol (TCP) that helps mitigate certain types of network attacks, particularly those in...

One common task in ASA/FTD troubleshooting is to find the top hosts, ports, hosts pair, socket-host pair etc using the "show conn" output file. This document is using "show conn" output, "show conn long" and "show long detail" has multiline outputs ...

One common task while troubleshooting ASA/FTD connections is to identify the connections with highest bytes count. Easiest way is to filter the connections using REGEX on device CLI. This document is using “show conn” output, “show conn long” and “sh...

I got a ticket where customer wanted to configure DCD option and they had some questions regarding how exactly ASA would do this cool thing, so I decided to write the facts that I found just in case it is useful to someone. Following is clear definit...

There are some cases in which customer needs the ability to access the server from a host sitting behind the same interface using it's public ip address. Usually DNS inspection is used to do this, however DNS inspection is not possible in some cases ...