I've been messing around with this for a few days, but can't seem to get my ASA to SHUN me when I aggressively scan it.
I'm running nmap scans against my ASA-fronted /25 subnet. I'm using the most aggressive scan rate possible (-T5), using SYN scans (-sS), ACK scans (-sA) and even FIN scans (-sF).
I know the packets are hitting the ASA (I can see the ACL denies). I've done a sweep on my entire /25 using all ports, another scan of the /25 using just ports 80 and 443 (-p80,443), and full scans of just one host.
Is it just me, or have you guys been able to get shunning to work?