Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

SYN and FIN Bit Set at the Same Time

0

0

Article ID: KB5801 KB Last Updated: 12 Aug 2013Version: 4.0
Summary:
SYN and FIN Bit Set at the Same Time
Symptoms:
Symptoms & Errors:
  • Alarm event log: 2002-08-27 02:30:31 system-critical-00437: SYN & FIN set, From a.b.c.d/y to e.f.g.h/y, using protocol TCP (on interface ethernet2)
  • SYN and FIN Bit Set at the Same Time

Solution:

An application that sends a SYN and FIN bit at the same time is considered an illegal packet, which is used by hackers to provide a Denial of Service (DoS) on systems.  Since this is considered an attack, NetScreen reports it, and drops the packet.

The RFC for TCP does not support a SYN and FIN in the same packet.  If an application is sending this, it isn't following the RFC standards.

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search