RE: [nsp] TCP Intercept

From: Jason Lewis (jlewis@packetnexus.com)
Date: Mon Oct 08 2001 - 03:22:50 EDT


This is a useless reply, but I recall some issues with TCP intercept. I was
looking at implementing it, but the issues kept me from doing so. It may
have been memory use or the use of CEF....

I will look for my notes. Does anyone know what I am talking about? (yeah
I know I am making no sense)

Jason Lewis
http://www.packetnexus.com
It's not secure "Because they told me it was secure".
The people at the other end of the link know less
about security than you do. And that's scary.

-----Original Message-----
From: Nick [mailto:nick@arc.net.my]
Sent: Monday, October 08, 2001 3:05 AM
To: cisco-nsp@puck.nether.net
Subject: [nsp] TCP Intercept

We are planning to implement TCP intercept in our router to prevent DOS
attacks on some of our servers. Looking at the options that can be used eg.
intercept mode, drop mode, watch timers, finrst-timeout, aggressive
thresholds, etc - are there any recommended values to use, any formula or
'it will be right if we use default values'. Anything to watch out for or
any other advice?

Thanks in advance.

-nick



This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:50 EDT