Results 1 to 2 of 2
  1. #1
    Did someone said Pizza :) FanacooL's Avatar
    Join Date
    Oct 2004
    Karachi , Pakistan

    Angry SYN Attack on Server

    Hi gals / guys

    An urgent and most important issue...... At our warehouse we have a network with Real IP on which SQL server is running and being accessed...... With internal users of around 20 nodes..... WIndows 2003 with ISA 2004 running as Proxy...... in the even log i am contineously seeing that the network getting SYN attack ISA will try to prevent and after every 2 mins i am seeing this.....

    I need two things here: -

    How can i configure the ISA to prevent this?
    How can i know which IP attacking my network?

    Awaiting help from you folks.
    One machine can do the work of fifty ordinary men. No machine can do the work of one extraordinary man!

  2. #2
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Washington D.C. area
    How can i configure the ISA to prevent this?
    Set the TCP SYN flood reg key. See here:

    How can i know which IP attacking my network?
    First stop, the log files. If it's an attack from inside your network, you'll see the IP address or the IP of the NAT device(s) in the path. Second stop, a sniffer on the local machine to see exactly what is happening. This can give you a good idea of where to concentrate your search. Third stop, a spanning port on the NAT devices (or behind them) to continue your search. If you don't see that the traffic is internal, head up to your perimeter firewall and look at the logs. From there, keep moving upstream if need be.

    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

We have made updates to our Privacy Policy to reflect the implementation of the General Data Protection Regulation.