The TCP flag consists of six bits, namely, URG, ACK, PSH,
RST, SYN, and FIN. The attacker sends a large number of packets with
the illegitimate combination of TCP flag bits to harm the target host.
Context
TCP flag bits are URG, ACK, PSH, RST, SYN, and FIN. Attackers
send packets with the illegitimate combination of TCP flags to damage
hosts.
After TCP packet flag bit attack defense is enabled,
the
FW checks each flag
bit of TCP packets. In any of the following cases, the
FW regards that attacks
occur, and thus discards the packets and logs attacks:
- All flag bits are 1.
- All flag bits are 0.
- The SYN flag bit and the FIN flag bit are 1.
- The SYN flag bit and the RST flag bit are 1.
- The FIN flag bit is 1 but the ACK flag bit is 0.