[3412] in bugtraq
TCP SYN attack possible SOLUTION: FW-1
daemon@ATHENA.MIT.EDU (Saqib A. Khan)
Wed Oct 2 22:13:09 1996
Date: Wed, 2 Oct 1996 12:26:21 -0400
Reply-To: "Saqib A. Khan" <s_khan@LITLE.NET>
From: "Saqib A. Khan" <s_khan@LITLE.NET>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
Heres a blurb from Checkpoint suggesting that Firewall-1 can prevent TCP SYN
attacks, I have'nt personally verified it but it looks good. Surf to
http://www.checkpoint.com/fw21/syndefender/index.html for the following page-
CheckPoint SYNDefender
Check Point's SYNDefender software, is the industry's first and only
firewall to provide protection against this denial
of service attack, which has crippled several Internet Service Providers
(ISPs) in recent weeks. Integrated into
existing FireWall-1 installations, SYNDefender protects against the TCP SYN
(requests for connection
establishment) flood attacks by intercepting all SYN packets and mediating
the connection attempts before they
reach the operating system. This prevents the target host from becoming
flooded by these unresolved connection
attempts, which causes the operating system, and the host, stop receiving
new connections. As a result, the host
system is effectively insulated from the SYN flood attack and denial of
service condition that results.
The SYNDefender white paper
TCP SYN Flooding Attack and the FireWall-1 SYNDefender
Also available in [MsWord DOC format].
CheckPoint's Press Release Announcing SYNDefender
Download SYNDefender NOW!
PS: Pls CC all mail to me @ -
Saqib.A.Khan@worldnet.att.net
---------------------------------------------------
Saqib A. Khan, Principal
Architect, Information Security
Strategic Network Consulting
Voice: 617.433.7117
Saqib.A.Khan@worldnet.att.net
---------------------------------------------------
"Sed quis custodiet ipsos custodes?"
-Juvenal, c. 100 C.E.
