Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
24.1 Legacy Series
»
Mitigate tcp middlebox reflection
« previous
next »
Print
Pages: [
1
]
Author
Topic: Mitigate tcp middlebox reflection (Read 356 times)
reijnders@tor.nl
Newbie
Posts: 4
Karma: 0
Mitigate tcp middlebox reflection
«
on:
June 21, 2024, 12:30:58 pm »
I am using a KPN fiber connection directly connected to my OPNSense firewall. I've been warned that the configuration is vulnarable for tcp middelbox reflection attacks.
See
https://www.akamai.com/blog/security/tcp-middlebox-reflection
In that article they propse as mitigation to block/drop all SYN packages larger than 100 bytes.
How can I do that in OPNSense. I cannot find a way to drop packages in the firewall rules based on the length of a package (and other criteria).
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
24.1 Legacy Series
»
Mitigate tcp middlebox reflection