I own a small regional webhosting company. I recently purchased some "real" equipment which included a Cisco 2924-XL-EN 24 port switch running Cisco IOS 12.0(5.2)XU Enterprise Edition.
A few months ago I had to drop my FTP server for the fact I was receiving 7500 brute force/DoS attempts every hour from some "nice people" in China.
Is there a way to utilize the managed part of this switch to help filter these attacks? I am new to the managed switch world, but noticed on the VSM there was an option for "Flooding Controls" when I right clicked on a specific port...
Or am I misconstruing what the flooding controls are for?
Also, I have searched Cisco to high heaven for some basic level tutorials on managed switches..any recommendations? The manulas I have been able to locate are just a hair above my head...
Well with a straight ADsl and no router/firewall to setup you are really wide open to pretty much most kinds of Internet ne'er-do-wells.
Port flood controls at your FTP server port, in your situation would just ramp down pretty much "everyone's" remote access levels to the affected port/server.
I would get with the check writers in your org and explain that you should either contract/SLA with you ISP for L3/4 security, or understand that the situation cannot be reasonably band-aided until your router/firewall is received.