12-14-2006 08:59 AM - edited 03-03-2019 03:02 PM
okie, i've been working with IOS for about 8 years now, but have ever used IOS firewall so i could use a little help.
here is my situation:
we've been getting hit udp flood attacks a lot lately, our firewall (not a pix :-() can't handle the load of the attacks. i was wondering what i could do possibly with IOS firewall to stop these attacks at the edge....any help would be appreciated.
thanks in advance,
rob
12-14-2006 09:44 AM
hi
you can use CBAC,a set of firewall feature within the IOS. you will use a inspection rule
for UDP and any other protocol you count use such tcp, ftp ,and apply it to the interface,with an access-list.
(so there is some parameters such as ,
max-incomplete,synwait-time..,udp idle-time...)
HTH
Pls do rate if it helps
12-14-2006 10:27 AM
do you have a few basic examples that would get me started?
12-14-2006 10:49 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide