We are currently experiencing a DOS attack where the attacker is sending
ICMP Requests, say 40 a second, to an address on our network that does not
have a device hooked up to it. Looking at the tcpdump, all it is is a bunch
of requests, no replies, no "unavailables", etc. Even though it's not
hitting a machine, it is taking up bandwidth. Is there a way to limit the
number of ICMP request into the network from a particular source within a
particular timeframe? If not, any ideas on how to stop these without have
to block ICMP altogether?
Barry
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=2288&t=2288
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
