Aaron_J_Marshall
asked on
ASA 5510 - Help blocking TCP SYN packets
Can anyone help me to block all TCP SYN packets to a destination port on an ASA 5510?
(from our security scanner)
--
TCP Source Port Pass Firewall
THREAT:
Your firewall policy seems to let TCP packets with a specific source port pass through.
IMPACT:
Some types of requests can pass through the firewall. The port number listed in the results section of this vulnerability report is the source port that unauthorized users can use to bypass your firewall.
SOLUTION:
Make sure that all your filtering rules are correct and strict enough. If the firewall intends to deny TCP connections to a specific port, it should be configured to block all TCP SYN packets going to this port, regardless of the source port.
COMPLIANCE:
Not Applicable
RESULTS:
The host responded 4 times to 4 TCP SYN probes sent to destination port xx using source port 80.
However, it did not respond at all to 4 TCP SYN probes sent to the same destination port using a
random source port.
(from our security scanner)
--
TCP Source Port Pass Firewall
THREAT:
Your firewall policy seems to let TCP packets with a specific source port pass through.
IMPACT:
Some types of requests can pass through the firewall. The port number listed in the results section of this vulnerability report is the source port that unauthorized users can use to bypass your firewall.
SOLUTION:
Make sure that all your filtering rules are correct and strict enough. If the firewall intends to deny TCP connections to a specific port, it should be configured to block all TCP SYN packets going to this port, regardless of the source port.
COMPLIANCE:
Not Applicable
RESULTS:
The host responded 4 times to 4 TCP SYN probes sent to destination port xx using source port 80.
However, it did not respond at all to 4 TCP SYN probes sent to the same destination port using a
random source port.
Last Comment
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
Software Firewalls
Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.
20K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
