Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

hacker attacks

Hi All,          i face a big problem that are continuing attack from the outside into my network. we identified that public ip but cant recognises it. so please hep me out how i can prevent this attacking.  i appreciate you comments

3 REPLIES

Re: hacker attacks

Hi,

If you have identified the public IP of the attacker (and it's only that IP), one option is to shun or block that IP.

Depending on the device that you have for protection, you can use the shun command or an ACL.

Federico.

Cisco Employee

Re: hacker attacks

Also you can use whois services from arin's and ripe's websites to get more info on who the attacker is.

You want to block the attack as close to the source as possible, so blocking him on your upstream router or asking you ISP to do it would be the best thing to do.

I hope it helps.

PK

Cisco Employee

Re: hacker attacks

Arup,

Most ISPs have an RTBH setup already in place: http://ciscosystems.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6642/prod_white_paper0900aecd80313fac.pdf

Just call them and give them the public IP that is sending this malicious traffic and they will route it to null. You won't even see these IPs hitting your outisde interface.

-KS

360
Views
0
Helpful
3
Replies
CreatePlease to create content