Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Security Practice

Hello All,

I have a connection to AT&T and I have been seeing a ton of 12.0.0.0 host trying to connect to several UDP & TCP ports such as 135,137,139, 445. And netbios-ns. The firewall is blocking all of this traffic, but log entries are driving me insane. Should I have ATT block these ports on the Serial or is there another way to do this on the PIX without seeing all the dropped traffic?

Thanks,

DF

1 REPLY
New Member

Re: Security Practice

Block this IP at the perimeter or aggregate router upstream from the PIX. That will stop the syslog flood.

97
Views
0
Helpful
1
Replies