https://community.cisco.com/t5/network-security/prevent-attacks-on-dns-server-on-asa-fwsm/m-p/2325812#M332319 <HTML><HEAD></HEAD><BODY><P> Hi Fawad,</P><P></P><P>Check the below link. It may give some idea...</P><P></P><P><A href="http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00809763ea.shtml">http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00809763ea.shtml</A></P><P></P><P>Thx</P><P>MS</P></BODY></HTML> Thu, 26 Sep 2013 21:17:04 GMT mvsheik123 2013-09-26T21:17:04Z https://community.cisco.com/t5/network-security/prevent-attacks-on-dns-server-on-asa-fwsm/m-p/2325811#M332318 <P>Hi,</P><P>I am trying to block intrusion on DNS servers on Internet edge FWSM. Usually during an event there are a lot of (limit ia 1 Million) connection on DNS servers whic trigger FWSM mem and cpu to 100%. I have reducede UDP idle time to 1 minute. </P><P></P><P>What are other suggestions. I don't have IPS. The only defence is on FWSM. Can I create a policy that would limit number of connections from an outside source to say for example 500. </P><P></P><P>ANy other suggestions ?</P><P></P><P>Thanks</P> Tue, 12 Mar 2019 02:43:36 GMT https://community.cisco.com/t5/network-security/prevent-attacks-on-dns-server-on-asa-fwsm/m-p/2325811#M332318 S891 2019-03-12T02:43:36Z https://community.cisco.com/t5/network-security/prevent-attacks-on-dns-server-on-asa-fwsm/m-p/2325812#M332319 <HTML><HEAD></HEAD><BODY><P> Hi Fawad,</P><P></P><P>Check the below link. It may give some idea...</P><P></P><P><A href="http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00809763ea.shtml">http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00809763ea.shtml</A></P><P></P><P>Thx</P><P>MS</P></BODY></HTML> Thu, 26 Sep 2013 21:17:04 GMT https://community.cisco.com/t5/network-security/prevent-attacks-on-dns-server-on-asa-fwsm/m-p/2325812#M332319 mvsheik123 2013-09-26T21:17:04Z https://community.cisco.com/t5/network-security/prevent-attacks-on-dns-server-on-asa-fwsm/m-p/2325813#M332320 <HTML><HEAD></HEAD><BODY><P style="background-color: #ffffff; border-collapse: collapse; font-size: 12px; list-style: none; font-family: Arial, verdana, sans-serif;">hi</P><P></P><P style="background-color: #ffffff; border-collapse: collapse; font-size: 12px; list-style: none; font-family: Arial, verdana, sans-serif;">if you configured netflow check the the flow, enable dns inspection and dns gurd...</P><P style="background-color: #ffffff; border-collapse: collapse; font-size: 12px; list-style: none; font-family: Arial, verdana, sans-serif;">you can refer <A href="http://www.cisco.com/web/about/security/intelligence/dns-bcp.html" rel="nofollow" style="border-collapse: collapse; list-style: none; outline: none; color: #2f6681; text-decoration: none;">http://www.cisco.com/web/about/security/intelligence/dns-bcp.html</A></P><P></P><P style="background-color: #ffffff; border-collapse: collapse; font-size: 12px; list-style: none; font-family: Arial, verdana, sans-serif;">Thanks</P><P style="background-color: #ffffff; border-collapse: collapse; font-size: 12px; list-style: none; font-family: Arial, verdana, sans-serif;">Pranesh</P></BODY></HTML> Fri, 27 Sep 2013 01:22:43 GMT https://community.cisco.com/t5/network-security/prevent-attacks-on-dns-server-on-asa-fwsm/m-p/2325813#M332320 pranesh deshpande 2013-09-27T01:22:43Z