Alot of connection denied messages from 1 source now what?

Answered Question
Dec 21st, 2009

Watching my logs on a ASA running 7.2(4) and I see dozens (per minute) of icmp or tcp connections denied messages coming from the same address. Sniffer traces don't indicate any packets from that source are making into the "inside" network. How do I get it to stop? Do I report the address to my ISP and have them block it? Do I contact their ISP or just filter on that port at my gateway router?

Correct Answer by Kureli Sankar about 7 years 2 months ago

You are correct. You need to get in touch with your ISP and have them block it right there so, these packets done even arrive on your side of the circuit.


-KS

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Kureli Sankar Mon, 12/21/2009 - 19:24

You are correct. You need to get in touch with your ISP and have them block it right there so, these packets done even arrive on your side of the circuit.


-KS

Actions

This Discussion