cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
260
Views
0
Helpful
1
Replies

Shunning Problem

rod.blackie
Level 1
Level 1

Hi netpro's

I have a pix 515 running os 8.2 and I have an ISA server on my inside LAN which redirects HTTP traffic to an ISA server in my DMZ, which then forwards out to the internet.

I came in this morning and the PIX was shunning all traffic from the inside ISA to the DMZ ISA which meant all HTTP traffic was dropped.

Does this mean I have intruder on my inside network carrying out some kind of scanning attack?

Any help or pointers would be appreciated?

Thanks

Rod

1 Reply 1

Yudong Wu
Level 7
Level 7

Check your PIX log to see if you can find anything.

It was most like shunned by threat-detection. So check the following commands as well.

show threat-detection scanning-threat

show threat-detection shun

show threat-detection statistics host

show threat-detection statistics port

show threat-detection statistics protocol

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: