• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 478
  • Last Modified:

DoS attack

Is it possible to block certain foreign countries altogether to prevent a DoS attack, also what else can be done to prevent a DoS attack on a public facing 3845 Cisco ISR?
0
dcawood
Asked:
dcawood
3 Solutions
 
englanddgCommented:
Not the best answer, but you can set the firewall to ignore entire IP blocks?

Country assigned blocks are here:

http://www.nirsoft.net/countryip/

That being said, you'll still get the traffic, and the firewall will still need to handle it (even if it's just ignoring it...)
0
 
Pancake_EffectCommented:
The ISP can filter the IP range for you, thus diverting the problem before it even reaches you.

On your side however, the best way to manage it is to install a firewall box on the network. You can prevent some common DDOS attacks by blocking certain ports and turning off pings to the device. On a Cisco 5510 for example you can set it up to detect such things as well to help prevent issues. That however won't stop a DDOS attack overall, it will still spend it's resources trying to block it. That's why if it's a active DDOS attack I would call the ISP to block the IP range.
0
 
Tony GiangrecoCommented:
I suggest contacting your ISP. normally unless you have an enterprise type account, they won't do much. We use Sonicwall and their Geo-IP filter which allows us to block all foreign countries. You might want to look into a Cisco option that does the same.

You might also try moving to a new IP and putting it into stealth mode with Ping turned off so they can't detect you as easily.

Hope this helps!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now