Filtering brute force/DoS attacks with 2924-XL?

Unanswered Question
Feb 20th, 2007

I own a small regional webhosting company. I recently purchased some "real" equipment which included a Cisco 2924-XL-EN 24 port switch running Cisco IOS 12.0(5.2)XU Enterprise Edition.

A few months ago I had to drop my FTP server due to the fact that I was receiving 7500 brute force/DoS attempts every hour from some "nice people" in China.

Is there a way to utilize the managed part of this switch to help filter these attacks? I am new to the managed switch world, but noticed on the VSM there was an option for "Flooding Controls" when I right-clicked on a specific port...

Or am I misconstruing what the flooding controls are for?

tstanik Mon, 02/26/2007 - 14:17

You could use access lists, which prevent IP fragments from entering the network.

e.g.,

access-list 100 deny ip any any fragments

access-list 100 permit ip any any
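
How the two entries in the reply above evaluate traffic, as an added example that is not part of the original posts: a small Python model of access-list 100 run over constructed IPv4 headers. It assumes the IOS `fragments` keyword matches non-initial fragments only (fragment offset other than zero); the addresses are documentation ranges and the helper names are hypothetical.

```python
import socket
import struct

def build_ipv4_header(src, dst, proto=6, mf=False, frag_offset=0):
    """Build a 20-byte IPv4 header (constructed sample input, checksum left at 0)."""
    flags_frag = ((1 if mf else 0) << 13) | (frag_offset & 0x1FFF)
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 1, flags_frag, 64, proto, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))

def parse_ipv4_header(raw):
    """Extract the header fields that a 'fragments' ACL entry depends on."""
    (_, _, _, _, flags_frag, _, proto, _, src, dst) = struct.unpack(
        "!BBHHHBBH4s4s", raw[:20])
    return {"src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
            "proto": proto,
            "more_fragments": bool(flags_frag & 0x2000),
            "frag_offset": flags_frag & 0x1FFF}  # in 8-byte units

def acl_100(pkt):
    """Evaluate the two entries from the reply top-down; first match wins."""
    # access-list 100 deny ip any any fragments
    # Assumption: 'fragments' matches non-initial fragments only.
    if pkt["frag_offset"] != 0:
        return "deny"
    # access-list 100 permit ip any any
    return "permit"

# Constructed sample traffic (not captured from a real network).
SAMPLES = {
    "unfragmented FTP login attempt":
        build_ipv4_header("203.0.113.7", "192.0.2.21"),
    "initial fragment (offset 0, MF=1)":
        build_ipv4_header("203.0.113.7", "192.0.2.21", mf=True),
    "non-initial fragment (offset 185)":
        build_ipv4_header("203.0.113.7", "192.0.2.21", frag_offset=185),
}

def evaluate_samples():
    """Return the ACL verdict for each constructed sample packet."""
    return {name: acl_100(parse_ipv4_header(raw)) for name, raw in SAMPLES.items()}

if __name__ == "__main__":
    for name, verdict in evaluate_samples().items():
        print(f"{verdict:6} {name}")
```

Under that assumption, only the non-initial fragment is dropped; complete, unfragmented packets such as ordinary FTP login attempts fall through to the permit entry.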
