Cisco ASA Scanning Attack ... Need Assistance

Greetings. We have a Cisco ASA 5512-X.  The network has been slow today. Pings to known sites are 1500-3500ms, when usually 30-50 or so.

I noticed a short while ago that our ASA is encountered 2,500 continuous possible scanning attacks.  I'm relatively new to security, but can get around ASDM.

Can anyone guide me to determine the source of the attacks and how to block the IP / range on the Cisco ?

Thanks much.

Screenshot below:

Cisco ASA 5512-X Scanning Attack.
Who is Participating?
lapavoniConnect With a Mentor Author Commented:
OK, hate to do this, but I figured it out.  I enabled storm control on the two ports the NAS is using, following these procedures. They are Cisco 2960Gs:
lapavoniAuthor Commented:
Update:  I got a million of these:      8912      51003      UDP request discarded from to inside:

Looks like a broadcast flood from an internal host.  I rebooted the system (unfortunately a backup NAS) and the problem subsided.

So on that note, anyone know how to configure the ASA to stop these ? Or is it a configuration on the switch or host that neeeds to be done ?

lapavoniAuthor Commented:
After thorough investigation, and some panic, I found the culprit and solution.  Posted the link above.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.