You can configure a TCP
Split Handshake Drop in a Zone Protection profile to prevent
TCP sessions from being established unless they use the standard
three-way handshake. This task assumes that you assigned a security
zone for the interface where you want to prevent TCP split handshakes
from establishing a session.
Configure a Zone Protection profile to prevent
TCP sessions that use anything other than a three-way handshake
to establish a session.
new profile (or select an existing profile).
If creating a new profile, enter a
the profile and an optional
Packet Based Attack
Apply the profile to one or more security zones.
and select the zone where
you want to assign the zone protection profile.
In the Zone window, from the
drop-down, select the profile you configured
in the previous step.
Alternatively, you could start creating a new profile here
Zone Protection Profile
, in which
case you would continue accordingly.
) Repeat steps 1-3 to apply the
profile to additional zones.