For the last one month we have been hit by DDOS attacks that seem to be using SSDP (Port 1900 UPD). It’s just happed today and it lasted 15 mins…during which time our internet connection (Comcast Business line. 100/20 MB) came to a crawl. No one could access anything on the net.
How can I mitigate this attacks…. I have configured the ASA 5510 like this
ip verify reverse-path interface outside
ip verify reverse-path interface inside
ip audit name OUTSIDE_ATTACK attack action alarm drop
ip audit name OUTSIDE_INFO info action alarm
ip audit name INSIDE_ATTACK attack action alarm drop reset
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...