Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

DOS Mitigation Suggestions

Today we have been hit repetedly with a TCP connection window size RST DOS attack from a large range of IPs (Last time I looked in Mars it was showing around 2800 different IPs). Besides the normal mitigation responses that Mars has to block each IP via an ACL, are there any other measures I can take to help defend against this on the ASA or an IOS IPS or other means?

1 REPLY
New Member

Re: DOS Mitigation Suggestions

I suggest move that ACL to the inbound interface, instead. The idea is to prevent the 'annoying' traffic to be processed

by the router, consuming resources, when it will finally be dropped.

263
Views
0
Helpful
1
Replies
CreatePlease login to create content