recently I noticed a udp flood attack, which was originated by a LINUX server on a DMZ of my pix, where the server sent udp packets at very high rates towards the Internet through my pix. How can we prevent that?
you need toidentify what traffic is supposed to be allowed to/from that UNIX box and appy access lists on the outside and dmz interface that will only allow that access and nothing else. Even thought it can't prevent the UNIX fron sending UDP floods however, the PIX will stop teh packets from traversing the link and overload your Internet connection. You also need to think about some sort of intrution prevention system on your unix box which will stop teh flood from been initiated.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...