
Cisco ASA Security Threat

Hi,

I have a Cisco ASA 5520. Please find the log given below. I am getting these types of logs continuously.

Someone is trying to access my ASA through port 80.

x.x.x.2 is my ASA outside IP address.

Error %ASA-3-710003: TCP access denied by ACL from 60.172.229.2/1458 to outside:x.x.x.2/80

Error %ASA-3-710003: TCP access denied by ACL from 60.172.229.2/3946 to outside:x.x.x.2/80

Error %ASA-3-710003: TCP access denied by ACL from 60.172.229.2/1866 to outside:x.x.x.2/80

Error %ASA-3-710003: TCP access denied by ACL from 221.10.201.177/1452 to outside:x.x.x.2/80

Error %ASA-3-710003: TCP access denied by ACL from 221.10.201.177/1921 to outside:x.x.x.2/80

Error %ASA-3-710003: TCP access denied by ACL from 221.10.201.177/1492 to outside:x.x.x.2/80

Error %ASA-3-710003: TCP access denied by ACL from 60.172.229.2/2362 to outside:x.x.x.2/80

Error %ASA-3-710003: TCP access denied by ACL from 60.172.229.2/2054 to outside:x.x.x.2/80

Error %ASA-3-710003: TCP access denied by ACL from 221.10.201.177/1468 to outside:x.x.x.2/80

Error %ASA-3-710003: TCP access denied by ACL from 87.152.6.186/3864 to outside:x.x.x.2/80

Error %ASA-3-710003: TCP access denied by ACL from 221.10.201.177/1553 to outside:x.x.x.2/80

Error %ASA-3-710003: TCP access denied by ACL from 87.152.6.186/3864 to outside:x.x.x.2/80

Error %ASA-3-710003: TCP access denied by ACL from 221.10.201.177/1553 to outside:x.x.x.2/80

Error %ASA-3-710003: TCP access denied by ACL from 221.10.201.177/1129 to outside:x.x.x.2/80

Error %ASA-3-710003: TCP access denied by ACL from 87.152.6.186/3815 to outside:x.x.x.2/80

Error %ASA-3-710003: TCP access denied by ACL from 221.10.201.177/1553 to outside:x.x.x.2/80

Error %ASA-3-710003: TCP access denied by ACL from 87.152.6.186/3815 to outside:x.x.x.2/80

Error %ASA-3-710003: TCP access denied by ACL from 221.10.201.177/1129 to outside:x.x.x.2/80

How do I prevent this type of attack? Please, I need your help.

Thanks,

som

1 REPLY

Re: Cisco ASA Security Threat

Hi,

There is no way to prevent this traffic reaching the ASA unless you can get the ISP to filter inbound port 80 traffic to the ASA IP.

However, you shouldn't be concerned since this is the exact purpose of the ASA, to stop unwanted traffic.

The ASA cannot be managed over port 80, so no one can assume control using that port.

Just make sure the management access is allowed only on the internal subnets:

ssh (inside) ......

http (inside) ......

Please rate if this helped.

Regards,

Daniel
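
Added example, not part of the original thread: a Python script that groups `%ASA-3-710003` denials like those in the question by source address, showing how many sources and distinct connection attempts are behind the log noise. The sample lines are copied from the post above; the function names and the `min_hits` threshold are assumptions made for the example.

```python
import re
from collections import defaultdict

# Lines copied from the post above (the destination is redacted there as x.x.x.2).
SAMPLE_LOG = """\
Error %ASA-3-710003: TCP access denied by ACL from 60.172.229.2/1458 to outside:x.x.x.2/80
Error %ASA-3-710003: TCP access denied by ACL from 60.172.229.2/3946 to outside:x.x.x.2/80
Error %ASA-3-710003: TCP access denied by ACL from 221.10.201.177/1452 to outside:x.x.x.2/80
Error %ASA-3-710003: TCP access denied by ACL from 87.152.6.186/3864 to outside:x.x.x.2/80
Error %ASA-3-710003: TCP access denied by ACL from 87.152.6.186/3864 to outside:x.x.x.2/80
"""

# 710003 format: <proto> access denied by ACL from src/sport to ifc:dst/service
DENY_RE = re.compile(
    r"%ASA-3-710003: (?P<proto>TCP|UDP) access denied by ACL from "
    r"(?P<src>[^/\s]+)/(?P<sport>\d+) to "
    r"(?P<ifc>[^:\s]+):(?P<dst>[^/\s]+)/(?P<dport>\S+)"
)

def summarize(log_text):
    """Group 710003 denials by (source, interface, destination port)."""
    stats = defaultdict(lambda: {"hits": 0, "src_ports": set()})
    for line in log_text.splitlines():
        m = DENY_RE.search(line)
        if not m:
            continue  # not a 710003 message, ignore
        entry = stats[(m["src"], m["ifc"], m["dport"])]
        entry["hits"] += 1
        # Repeats of one source port are typically retries of the same
        # connection attempt, so distinct ports approximate distinct attempts.
        entry["src_ports"].add(int(m["sport"]))
    return dict(stats)

def noisy_sources(stats, min_hits=2):
    """Sources with at least min_hits denials (assumed threshold), busiest first."""
    rows = [(src, dport, v["hits"], len(v["src_ports"]))
            for (src, _ifc, dport), v in stats.items() if v["hits"] >= min_hits]
    return sorted(rows, key=lambda r: (-r[2], r[0]))

if __name__ == "__main__":
    for src, dport, hits, attempts in noisy_sources(summarize(SAMPLE_LOG)):
        print(f"{src} -> port {dport}: {hits} denied, {attempts} distinct source ports")
```
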
