TCP SYN attack possible SOLUTION: FW-1

[s_khan () litle net (Saqib A. Khan)]

Heres a blurb from Checkpoint suggesting that Firewall-1 can prevent TCP SYN
attacks, I have'nt personally verified it but it looks good. Surf to
http://www.checkpoint.com/fw21/syndefender/index.html for the following page-


CheckPoint SYNDefender



Check Point's SYNDefender software, is the industry's first and only
firewall to provide protection against this denial
of service attack, which has crippled several Internet Service Providers
(ISPs) in recent weeks. Integrated into
existing FireWall-1 installations, SYNDefender protects against the TCP SYN
(requests for connection
establishment) flood attacks by intercepting all SYN packets and mediating
the connection attempts before they
reach the operating system. This prevents the target host from becoming
flooded by these unresolved connection
attempts, which causes the operating system, and the host, stop receiving
new connections. As a result, the host
system is effectively insulated from the SYN flood attack and denial of
service condition that results.

     The SYNDefender white paper
     TCP SYN Flooding Attack and the FireWall-1 SYNDefender
     Also available in [MsWord DOC format].

     CheckPoint's Press Release Announcing SYNDefender

     Download SYNDefender NOW!


PS: Pls CC all mail to me @ -
Saqib.A.Khan () worldnet att net

---------------------------------------------------
Saqib A. Khan, Principal
Architect, Information Security
Strategic Network Consulting

Voice: 617.433.7117
Saqib.A.Khan () worldnet att net
---------------------------------------------------

"Sed quis custodiet ipsos custodes?"
-Juvenal, c. 100 C.E.