Solved

CSS 11501 DOS attack white list

Posted on 2008-10-13
4
846 Views
Last Modified: 2013-12-09
Hello..... is it possible to white list a network or host address? I have a situation where a NAT'ed ip is being blocked possibly because of the number of connections coming through. Any input will be appreciated. Thanks.
0
Comment
Question by:cavacamite
  • 2
  • 2
4 Comments
 
LVL 32

Expert Comment

by:harbor235
ID: 22707897


CSS perfroms NAT, it is also a content service device, load balancer, etc .... The CSS doe snot handle spam or deal with DOS attacks.

harbor235 ;}
0
 

Author Comment

by:cavacamite
ID: 22708014
Thanks. See the DOS output below. The source address is the one experiencing problems accessing the destination ip. The CSS isn't configured to block anything. Could there be any default values on the CSS causing the problem?
DOS Attack Event  1:
First Attack: 10/13/2008 15:47:56
Last Attack:  10/13/2008 16:09:01
Source Address: A.B.C.D  Destination Address: A.B.R.T
Event Type: SYN Attack Total Attacks: 402

0
 
LVL 32

Accepted Solution

by:
harbor235 earned 500 total points
ID: 22711272


The DOS feature on the CSS is informational only, it provides statistics on potential attacks and allows you to send SNMP traps to alrt you, it doe snot perfrom DOS mitigation. You can accumulate statistics and you can also reset those statistics for monitoring purposes. I did not this feature existed until yooumade me look at it, thanx

http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/css11500series/v8.20/configuration/administration/guide/SNMP.html#wp1051871

harbor235 ;}
0
 

Author Comment

by:cavacamite
ID: 22712426
Thanks very much for your help. That means back to troubleshooting the issue.
0

Featured Post

New! My Passport Wireless Pro Wi-Fi Mobile Storage

Portable wireless storage to offload, edit, and stream anywhere.

High-capacity, wireless mobile storage designed to accompany professional photographers and videographers in the field to easily offload, edit and stream captured photos and high-definition videos.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Spam being sent using SMTP sever 10 86
Spoofed Email 10 64
Spam mails from a compromised internal computer 5 62
Why antispam update not working in forefront for exchange? 2 64
Operating system developers such as Microsoft (https://www.microsoft.com) and Apple have made incredible strides in virus protection over the past decade. Operating systems come packaged with built in defensive tools such as virus protection and a f…
Network ports are the threads that hold network communication together. They are an essential part of networking that can be easily ignore or misunderstood, my goals is to show those who don't have a strong network foundation how network ports opera…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now