Cisco Support Community
New Member

Prevent attacks on DNS Server on ASA/FWSM

Hi,

I am trying to block intrusion on DNS servers on Internet edge FWSM. Usually during an event there are a lot of connections (limit is 1 million) on DNS servers, which trigger FWSM mem and CPU to 100%. I have reduced UDP idle time to 1 minute.

What are other suggestions? I don't have IPS. The only defence is on FWSM. Can I create a policy that would limit the number of connections from an outside source to, say, for example, 500?

Any other suggestions?

Thanks

2 REPLIES

Prevent attacks on DNS Server on ASA/FWSM

Hi Fawad,

Check the below link. It may give some idea...

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00809763ea.shtml

Thx

MS

New Member

Prevent attacks on DNS Server on ASA/FWSM

Hi,

If you configured NetFlow, check the flow; enable DNS inspection and DNS guard...

You can refer to http://www.cisco.com/web/about/security/intelligence/dns-bcp.html

Thanks

Pranesh
