topic Query on Cisco ASA Configuration. in Network Security

Query on Cisco ASA Configuration.

Mahi Gurram — Tue, 12 Mar 2019 03:32:42 GMT

Hello All,

How can i protect my ASA firewall against:

1. Denial of Service (Land Attack)

2. SYN Flood attack

Please let me know the CLI commands to do it.

Thanks in advance.

-Mahi

Query on Cisco ASA Configuration.

Mariusz Bochen — Mon, 20 Jan 2014 16:15:25 GMT

Hi Mahi,

Simple and effective way to prevent some of these is to set embryonic connection limit on all static NAT entries which are facing outside interface.

Command depend on which IOS you are running. More info here:

http://www.cisco.com/en/US/docs/security/asa/asa83/upgrading/migrating.html

Table 11 shows both (old and new) config example.

Hope that helps.

Obviously the best solution is to get an IPS.

Regards

Mariusz

Query on Cisco ASA Configuration.

Mahi Gurram — Fri, 24 Jan 2014 07:32:43 GMT

Hi Mariusz Bochen,

Thank you so much for your response.

Can't ASA handle these kind of attacks by default?

Anyways your answer is helpful.

Thanks & Best Regards,

Mahi

Query on Cisco ASA Configuration.

Julio Carvajal — Fri, 24 Jan 2014 12:28:07 GMT

Hello Mahi,

Actually it does.

I mean for Land Attacks the ASA will generate the following message:

%ASA-session-2-106017: Deny IP due to Land Attack from to

This by default.

Know for SYN flood attack you can relay on things such as treath detection but you could also configure more restrictive security policies with MPF to avoid the unnecesary flood of traffic.

Looking for some Networking Assistance?
Contact me directly at jcarvaja@laguiadelnetworking.com

I will fix your problem ASAP.

Cheers,

Julio Carvajal Segura
http://laguiadelnetworking.com