ASA-4-733100: [Scanning]

Unanswered Question
Aug 18th, 2009
User Badges:
  • Silver, 250 points or more

I am seeing the following in the ASA syslog:


[ Scanning] drop rate-1 exceeded. Current burst rate is 10 per second, max configured rate is 10; Current average rate is 43 per second, max configured rate is 5; Cumulative total count is 26209


According to the link below, I should adjust the rate. The question is what the appropriate rate recommended by Cisco?

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00809763ea.shtml

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Yudong Wu Tue, 08/18/2009 - 11:29
User Badges:
  • Gold, 750 points or more

The scanning drop is an aggregation of the individual drop types, which includes ACL drop, Bad packet drop, Conn limit drop, icmp drop, inspect drop, interface drop, syn attack ....


Therefore, it will depend on your network traffic and there is no a recommended value for this.

Actions

This Discussion