The Broadband Guide
SG
search advanced
 search
FAQs Categories:

How to stop **SYN Flood** (from WAN Outbound) router errors ?

Some SMC Barricade, Belkin, Phillips and other NAT routers with firewall protection may often report warnings of the sort:

**SYN Flood** 192.168.1.x, [port#]->> 192.168.x.x, [port#] (from ATM Outbound)
**SYN Flood to Host** 192.168.x.x, [port#]->> [external IP], 80 (from WAN Outbound)
**SYN Flood (per Min)** 192.168.x.x, [port#]->> 192.168.x.x, 135 (from ATM Outbound)

The culprit is often the number of connections that your web browser keeps open when accessing some websites (Google Maps, for example). Some routers are configured to trigger a SYN FLOOD warning when you open more than 10 connections and block requests. This has the side-effect of web pages that do not fully load.

The setting that needs to be checked in your NAT router is found under:
"Advanced Setup --> Firewall --> Intrusion Detection" (SMC) or
"Security --> Firewall --> Intrusion Detection" (Phillips) and is called:

"Maximum incomplete TCP/UDP sessions number from same host"

Increasing this from the default of ~10 to 50 should fix most common issues.

Note: Pay close attention if the triggered syn flood warnings are from outbound source, you may want to check our ports database to see what port is being used, who is using it and why, before changing the settings.


  Post your review/comments
    rate:
   avg:
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About