Manualshelf

Network Security Features of HP-UX 11i v1 and 11i v2

ManualsBrandsHP ManualsSoftwareHP-UX Security Products and Features Software
11121314151617181920
Network Security Features of HP-UX 11i
Page 15
TCP Denial of Service Defense
Beginning with HP-UX 11i v1, TCP incorporates a defense against SYN Attacks where an attacker floods
a target system with spurious TCP SYN packets and causes the target system to consume resources for
these false incoming TCP connection requests.
When TCP receives a SYN packet from a new IP address (a system that has not previously established a
TCP connection), it responds with a SYN-ACK, but does not fully commit resources for the connection
until the remote system sends an ACK, completing the connection handshake.
TCP Denial of Service Defense is a part of the TCP protocol delivered with the HP-UX 11i operating
system.