ASA-4-733100: [Scanning]

Unanswered Question
Aug 18th, 2009

I am seeing the following in the ASA syslog:

[ Scanning] drop rate-1 exceeded. Current burst rate is 10 per second, max configured rate is 10; Current average rate is 43 per second, max configured rate is 5; Cumulative total count is 26209

According to the link below, I should adjust the rate. The question is what the appropriate rate recommended by Cisco?

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00809763ea.shtml

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Yudong Wu Tue, 08/18/2009 - 11:29

The scanning drop is an aggregation of the individual drop types, which includes ACL drop, Bad packet drop, Conn limit drop, icmp drop, inspect drop, interface drop, syn attack ....

Therefore, it will depend on your network traffic and there is no a recommended value for this.

Actions

This Discussion