On 21/04/15 17:22, Cahit Eyigünlü wrote:
We are getting a spoofed ip syn attack. When attack starts and over
100K pps our SRX3600 was losting the connection. And we check the
status of the device over the Serial connection. But we could not
determine why it has been dropped the connection
What is "the connection" here? I don't understand your problem.
If you don't have "screen" protections enabled then yes, 100kpps of
spoofed syn will knock the box over.
See for example:
http://www.juniper.net/documentation/en_US/junos12.1/topics/concept/denial-of-service-network-syn-cookie-protection-understanding.html
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp