Chapter 10 Application Security
Applications/Protocols
10-14
Cisco Router and Security Device Manager 2.5 User’s Guide
OL-4015-12
TCP FIN Wait Timeout Value
Amount of time that a TCP session will still be managed after the firewall detects
a FIN exchange. The default value is 5 seconds.
TCP Idle Timeout Value
Amount of time that a TCP session will still be managed after no activity has been
detected. The default value is 3600 seconds.
UDP Idle Timeout Value
Amount of time that a User Datagram Protocol (UDP) session will still be
managed after no activity has been detected. The default value is 30 seconds.
DNS Timeout Value
Amount of time that a Domain Name System (DNS) name lookup session will be
managed after no activity has been detected. The default value is 5 seconds.
SYN Flooding DoS Attack Thresholds
An unusually high number of half-open sessions may indicate that a Denial of
Service (DoS) attack is under way. DoS attack thresholds allow the router to start
deleting half-open sessions after the total number of them has reached a maximum
threshold. By defining thresholds, you can specify when the router should start
deleting half-open sessions and when it can stop deleting them.
One-minute session thresholds. These fields let you specify the threshold
values for new connection attempts.
Low: Stop deleting new connections after the number of new connections drops
below this value. The default value is 400 sessions.
High: Start deleting new connections when the number of new connections
exceeds this value. The default value is 500 sessions.
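The following Python model, added here as an illustration and not part of the Cisco SDM guide or of IOS itself, shows how the two behaviours described in this section fit together: the per-protocol timeouts decide when the firewall stops managing a session, and the one-minute low/high thresholds form a hysteresis band, so that deletion of half-open sessions starts only above the high value and stops only once the rate has fallen below the low value (avoiding flapping when the rate hovers near one threshold). The default numbers are the ones quoted in the guide; the session records, timestamps and per-minute counts fed to it are constructed sample data.

```python
"""Model of session-timeout and half-open-threshold behaviour as described in
the SDM guide. Constructed example; not Cisco SDM or IOS code.
Session records, time values and per-minute counts are made-up sample data."""
from dataclasses import dataclass
from typing import List, Optional

# Default values quoted in the guide (seconds for timeouts, sessions for thresholds).
TCP_FINWAIT_TIMEOUT = 5
TCP_IDLE_TIMEOUT = 3600
UDP_IDLE_TIMEOUT = 30
DNS_TIMEOUT = 5
ONE_MINUTE_HIGH = 500   # start deleting half-open sessions when the rate exceeds this
ONE_MINUTE_LOW = 400    # stop deleting once the rate drops below this


@dataclass
class Session:
    proto: str                        # "tcp", "udp" or "dns"
    last_activity: float              # time of the last packet seen (seconds)
    fin_seen_at: Optional[float] = None  # time the FIN exchange was detected, if any


def session_expired(s: Session, now: float) -> bool:
    """Return True when the firewall should stop managing this session.

    A TCP session whose FIN exchange has been seen is kept only for the
    FIN-wait timeout; otherwise the protocol's idle timeout applies.
    """
    if s.proto == "tcp":
        if s.fin_seen_at is not None:
            return now - s.fin_seen_at >= TCP_FINWAIT_TIMEOUT
        return now - s.last_activity >= TCP_IDLE_TIMEOUT
    if s.proto == "udp":
        return now - s.last_activity >= UDP_IDLE_TIMEOUT
    if s.proto == "dns":
        return now - s.last_activity >= DNS_TIMEOUT
    raise ValueError(f"unknown protocol {s.proto!r}")


def expire_sessions(table: List[Session], now: float) -> List[Session]:
    """Return the sessions that are still managed after applying the timeouts."""
    return [s for s in table if not session_expired(s, now)]


class HalfOpenMonitor:
    """Hysteresis between the one-minute low and high thresholds.

    Deletion of half-open sessions starts when the count of new connection
    attempts in the last minute exceeds `high` and continues until the count
    drops below `low`; in between, the previous state is kept.
    """

    def __init__(self, low: int = ONE_MINUTE_LOW, high: int = ONE_MINUTE_HIGH):
        if low >= high:
            raise ValueError("low threshold must be below high threshold")
        self.low, self.high = low, high
        self.deleting = False

    def update(self, new_connections_last_minute: int) -> bool:
        """Feed the latest one-minute count; return whether deletion is active."""
        if not self.deleting and new_connections_last_minute > self.high:
            self.deleting = True
        elif self.deleting and new_connections_last_minute < self.low:
            self.deleting = False
        return self.deleting


def trace_thresholds(counts: List[int]) -> List[bool]:
    """Apply a series of one-minute counts and return the deleting state after each."""
    mon = HalfOpenMonitor()
    return [mon.update(c) for c in counts]


if __name__ == "__main__":
    now = 4000.0  # constructed clock value
    table = [
        Session("tcp", last_activity=0.0),                   # idle > 3600 s: dropped
        Session("tcp", last_activity=3000.0, fin_seen_at=3996.0),  # FIN 4 s ago: kept
        Session("udp", last_activity=3980.0),                # idle 20 s: kept
        Session("dns", last_activity=3990.0),                # idle 10 s: dropped
    ]
    print([s.proto for s in expire_sessions(table, now)])
    print(trace_thresholds([300, 450, 501, 480, 420, 399, 450]))
```

Note that a count of 450 leaves the monitor in whatever state it was already in: it is above the low value but not above the high one, which is exactly the band the two thresholds create.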