<div>
is the IP that is doing the syn flood the management IP address or is it a NAT ip address of the firewall?<br />
<br />
&nbsp;if it's the management IP address , it's &nbsp;possible that you have configured a SYN(TCP) log (syslog,eg) &nbsp;to the log server but the log server is maybe running in UDP syslog or something like that. You will see a lot of SYN with no 3 way handkshake as there are no real ports being opened on the log server. 
</div>


is the IP that is doing the syn flood the management IP address or is it a NAT ip address of the firewall?

 if it's the management IP address , it's  possible that you have configured a SYN(TCP) log (syslog,eg)  to the log server but the log server is maybe running in UDP syslog or something like that. You will see a lot of SYN with no 3 way handkshake as there are no real ports being opened on the log server.

<div>
if i'm not wrong , isg 1000 has the option to use TCP or UDP syslog. maybe u can try the UDP syslog 
</div>


if i'm not wrong , isg 1000 has the option to use TCP or UDP syslog. maybe u can try the UDP syslog

<div>
ok..how can I set the UDP syslog?
</div>


<div>
when I enable it on port 514 from the GUI and choosing only event log and traffic log..it still keep sending on TCP...
</div>


when I enable it on port 514 from the GUI and choosing only event log and traffic log..it still keep sending on TCP...

<div>
could you print screen and send to yuliang11@yahoo.com ? <br />
<br />
tq 
</div>


could you print screen and send to yuliang11@yahoo.com ?

tq

<div>
yep it is sent..<br />
<br />
<br />
Cheers.
</div>


<div>
Many thnks..excellent response.
</div>


<div>
<div class="content wysiwyg-content">
Hi ,<br />
My firewall ISG1000 is keep sending SYN Flood to my log server when I enable the logs...is there any explanation to what happened and how to fix it?
</div>
</div>


Hi ,
My firewall ISG1000 is keep sending SYN Flood to my log server when I enable the logs...is there any explanation to what happened and how to fix it?

SYN flood! From juniper firewall...how to fix it.

Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.

Software Firewalls

Hardware-based firewalls provide more sophisticated protection for inbound and outbound traffic than the simple Windows software firewall or the basic NAT firewalls found in routers. These devices implement techniques such as stateful packet inspection, deep packet inspection, and content filtering; and may include built-in antivirus and anti-malware protection.

Hardware Firewalls

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.