Security Basics mailing list archives
RE: preventing SYNC attacks...
From: Neil Fryer <nfryer () marimba com>
Date: Thu, 4 Mar 2004 09:10:26 -0800
Hi Charles, Yes you can prevent SYN attacks at a firewall level, the ones that I know off hand that you can do this with are Watchguard, and netfilter(Linux). But then this will only stop things on one side of your network, well I suppose this depends how you set it up, as I haven't really tried tweaking it to do it on a host by host basis, but it should be possible depending on how your firewall is set up. If however the SYN attack is coming from a host inside your network, targeting hosts on the same subnet, this may not be firewalled, and therefore may not be stopped. Basically yes it's possible, but it all depends on how concerned you are about SYN attacks, as to how much effort you want to put into blocking them. If you are happy to block SYN attacks from coning into your network from the Net, then a firewall would solve this problem for you. I am pretty sure that routers can do this as well, but maybe someone else on here will be able to provide you with more info on that. HTH Neil -----Original Message----- From: Mr. Charles Darwin [mailto:otzie () hotpop com] Sent: Wednesday, March 03, 2004 10:36 PM To: security-basics () securityfocus com Subject: preventing SYNC attacks... hi everyone i know that acording to some microsoft papers, i can prevent sync attacks in every compurter by modifying the registry (at least in win nt 4.0 & 5.0). In a large network this only means one thing: tons of work without forgetting this may carry another tons of problems if we are not cautious enough... but i was wondering if there is such a way to prevent sync attacks from an upper level, like for example cisco switches or routers, may be a firewall? Regards. Charles D --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.htm ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- preventing SYNC attacks... Mr. Charles Darwin (Mar 03)
- <Possible follow-ups>
- Re: preventing SYNC attacks... H Carvey (Mar 04)
- RE: preventing SYNC attacks... Neil Fryer (Mar 04)