Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

DOS Attcak ???

Hi,,

How can we detect that our Gatway router or Core router is under DOS attack....

and what should be the frist step ater the detection of DOS attack...

Thanks.

6 REPLIES
New Member

Re: DOS Attcak ???

Try configuring some kind of IDS on your perimeter devices.

New Member

Re: DOS Attcak ???

Hi,,

Can you tell me with little detail?????

thanks

New Member

Re: DOS Attcak ???

You get various IDS devices from Cisco & other vendors. Just need to google them. Google has everything.

New Member

Re: DOS Attcak ???

Hi,

We use dos prevention mechanism in our FWSM 3.1 by using static nat command. Does anybody know a way of monitoring embryonic connections by some show command and if it is taken into production.

thanks.

New Member

Re: DOS Attcak ???

Try "sh conn". In the graphical interface also u can watch the current connection status...I guess.

Re: DOS Attcak ???

You can do a basic monitor/block of Syn attacks using "TCP Intercept" feature under IOS. You can also monitor for sys/fragment/smurf attacks by creating an permit access-list matching the required traffic sype and using the log-input statement at the end.

149
Views
0
Helpful
6
Replies
CreatePlease to create content