Re: TCP Intercept: msg#00100 network.nsp.cisco
Hi, Cisco NSP folk.

I'll second all of Sam's cautionary points, re: TCP Intercept. It is very likely you don't want to enable it at all. The end systems are actually much better at handling SYN floods than most firewalls (e.g. SYN Defender on Check Point) and routers (e.g. TCP Intercept). You can tune the IP stack on the gear to accommodate rather large SYN floods. Take a look here:

<http://www.cymru.com/Documents/ip-stack-tuning.html>

Thanks,
Rob.
--
Rob Thomas
http://www.cymru.com
ASSERT(coffee != empty);

_______________________________________________
cisco-nsp mailing list cisco-nsp@xxxxxxxxxxxxxxx
http://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/