05-26-2003 12:25 AM - edited 02-20-2020 10:45 PM
Hi,
I was told that I can protect many popular form of network attacks, including DOS, SYN Attack, PING flood by using PIX firewall features.
But I don't really know which command should I use...
Can anyone help me on the issue?
Thank you very much in advance.
Best regards,
Brandon Ryu.
05-26-2003 08:35 AM
Are you intending to use the IOS Firewall feature on the router or the Intruder Detection on the PIX?
In case of the later, the below urls might be helpful
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_62/config/sysmgmt.htm#1038041
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_62/cmdref/gl.htm#1027034
In case of the former, (i.e.IDS on Router);
Use TCP Intercept solution;
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fsecur_c/ftrafwl/scfdenl.htm
and / or
IDS on routers;
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fsecur_c/ftrafwl/scfids.htm
Hope this helps,
yatin
05-26-2003 04:29 PM
Hi Yatin,
I really appreciate your kind help.
Brandon,
05-26-2003 12:56 PM
Hi,
Along with the IDS configuration (described in the following link), you can stop the attack using the embroynic and maximum connections limit on static stmt.
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_62/cmdref/gl.htm#1027034
Please read the "TCP Intercept Feature" to understand how to configure the static to accomlish this task:
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cmdref/s.htm#1026694
Thanks,
Mynul
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide