Watchgaurd 750e DoS (denial of service) attack

My watchgaurd 750e began blocking all inbound and outbound traffic.  The logs were saying that a DoS (denail of service) attack was occuring.  I do not know how to allow traffic back in through the Watchgaurd.  I had to pull out another linksys and I am really dissapointed that my Watchgaurd is sitting there.  I paid to have a company help me configure it but they said to call watchguard for support.  Does anyone know what I can do without having to call Watchguard?

How do I allow traffic in again?  

afsanchez001Asked:
Who is Participating?
 
dpk_walCommented:
Normally after the attack is stopped the box would resume working again without doing anything; if for some reason it is in HUNG state, rebooting the device would help.

One more thing, if you see one/few specific IP in repetition in logs, you can also ask your ISP to block traffic to you from those IP addresses.

As you have linksys in place of WG and it is working, it appears to me that the DoS attack is no longer in progression and it would be fine to put WG back into action.

Please check and advice.
0
 
hstilesCommented:
Under setup, intrusion prevention, default pacet handling, there is a setting called

'auto-block source of packets not handled'.

It is quite possible that your firebox is blocking your ISP's router as a result of this setting, so disable it.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.