Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

CSS 11501 DOS attack white list

Posted on 2008-10-13
4
Medium Priority
?
856 Views
Last Modified: 2013-12-09
Hello..... is it possible to white list a network or host address? I have a situation where a NAT'ed ip is being blocked possibly because of the number of connections coming through. Any input will be appreciated. Thanks.
0
Comment
Question by:cavacamite
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 32

Expert Comment

by:harbor235
ID: 22707897


CSS perfroms NAT, it is also a content service device, load balancer, etc .... The CSS doe snot handle spam or deal with DOS attacks.

harbor235 ;}
0
 

Author Comment

by:cavacamite
ID: 22708014
Thanks. See the DOS output below. The source address is the one experiencing problems accessing the destination ip. The CSS isn't configured to block anything. Could there be any default values on the CSS causing the problem?
DOS Attack Event  1:
First Attack: 10/13/2008 15:47:56
Last Attack:  10/13/2008 16:09:01
Source Address: A.B.C.D  Destination Address: A.B.R.T
Event Type: SYN Attack Total Attacks: 402

0
 
LVL 32

Accepted Solution

by:
harbor235 earned 2000 total points
ID: 22711272


The DOS feature on the CSS is informational only, it provides statistics on potential attacks and allows you to send SNMP traps to alrt you, it doe snot perfrom DOS mitigation. You can accumulate statistics and you can also reset those statistics for monitoring purposes. I did not this feature existed until yooumade me look at it, thanx

http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/css11500series/v8.20/configuration/administration/guide/SNMP.html#wp1051871

harbor235 ;}
0
 

Author Comment

by:cavacamite
ID: 22712426
Thanks very much for your help. That means back to troubleshooting the issue.
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As dyndns has reduced the capabilities of the free service, I looked around for other free providers of Dynamic DNS service. After testing several I decided to move my DNS hosting to Hurricane Electric as then domains that require dynamic hostnam…
In this article, we’ll look at how to deploy ProxySQL.
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question