Have you tried 'TCP Intercept List' to avoid DOS
attacks???
CCNP, MCSE
--- Jason Roysdon wrote:
> Use CAR to limit ICMP down, but still allow it
> through.
>
> --
> Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA,
> Network+, A+
> List email: [EMAIL PROTECTED]
> Homepage: http://jason.artoo.net/
>
>
>
> ""Barry Kiesz"" wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > We are currently experiencing a DOS attack where
> the attacker is sending
> > ICMP Requests, say 40 a second, to an address on
> our network that does not
> > have a device hooked up to it. Looking at the
> tcpdump, all it is is a
> bunch
> > of requests, no replies, no "unavailables", etc.
> Even though it's not
> > hitting a machine, it is taking up bandwidth. Is
> there a way to limit the
> > number of ICMP request into the network from a
> particular source within a
> > particular timeframe? If not, any ideas on how to
> stop these without have
> > to block ICMP altogether?
> >
> > Barry
> > FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> > Report misconduct and Nondisclosure violations to
> [EMAIL PROTECTED]
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to
[EMAIL PROTECTED]
__________________________________________________
Do You Yahoo!?
Yahoo! Auctions - buy the things you want at great prices
http://auctions.yahoo.com/
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=2395&t=2288
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]