Cisco Guard & bot.net attack ? pls help me!! expert

Unanswered Question
Mar 31st, 2007

Dear experts:

I have some questions about Cisco guard:

1: Guard can defense spoof IP attack only, right?

2: Can Guard defense BOT.NET attack (real IP attack)? If yeah, how to do it?

3: Guard use "dst_ip/dst_ip_ratio/dst_port/dst_port_ratio/global/protocol/src_ip/src_ip_many_dst_ips/src_ip_many_ports" to check attack traffic, right?

4:If work in netflow ,so Guard only detect attack base on ?source IP address, destination IP address, source port number, destination port number, protocol type, type of services, and the router input interface? only, is it right?

Many thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion