topic FirePOWER DOS attack Test Scenario in Network Security https://community.cisco.com/t5/network-security/firepower-dos-attack-test-scenario/m-p/3386354#M921444 <P>Hi Everyone,</P> <P>&nbsp;</P> <P>I have a customer who wanted to see FirePOWER FMC events in action based of a couple of test scenario's.&nbsp; We decided to connect upstream from their FirePOWER device and run some test attacks from a laptop.&nbsp; For one of the test, we used HPING3 to initiate a Denial of Service attack on the firewall's external IP and also on a server that was NAT'd to the outside.&nbsp; In both instances, we saw that the traffic was not seen as an attack and was permitted through the firewall.&nbsp; What should we have expected?&nbsp; Is a single laptop attacking using HPING3 not enough?&nbsp; It took us running a "Hail Mary" scan from Kali Linux before we were able to generate anything to show up as an attack.&nbsp; I would have expected to have seen more things blocked.&nbsp; Thoughts?</P> Fri, 21 Feb 2020 15:47:35 GMT Joshua_Engels 2020-02-21T15:47:35Z FirePOWER DOS attack Test Scenario https://community.cisco.com/t5/network-security/firepower-dos-attack-test-scenario/m-p/3386354#M921444 <P>Hi Everyone,</P> <P>&nbsp;</P> <P>I have a customer who wanted to see FirePOWER FMC events in action based of a couple of test scenario's.&nbsp; We decided to connect upstream from their FirePOWER device and run some test attacks from a laptop.&nbsp; For one of the test, we used HPING3 to initiate a Denial of Service attack on the firewall's external IP and also on a server that was NAT'd to the outside.&nbsp; In both instances, we saw that the traffic was not seen as an attack and was permitted through the firewall.&nbsp; What should we have expected?&nbsp; Is a single laptop attacking using HPING3 not enough?&nbsp; It took us running a "Hail Mary" scan from Kali Linux before we were able to generate anything to show up as an attack.&nbsp; I would have expected to have seen more things blocked.&nbsp; Thoughts?</P> Fri, 21 Feb 2020 15:47:35 GMT https://community.cisco.com/t5/network-security/firepower-dos-attack-test-scenario/m-p/3386354#M921444 Joshua_Engels 2020-02-21T15:47:35Z Re: FirePOWER DOS attack Test Scenario https://community.cisco.com/t5/network-security/firepower-dos-attack-test-scenario/m-p/3389238#M921445 <P>How is the Rate-Based Attack Prevention configured ?</P> Fri, 25 May 2018 13:01:50 GMT https://community.cisco.com/t5/network-security/firepower-dos-attack-test-scenario/m-p/3389238#M921445 Bogdan Nita 2018-05-25T13:01:50Z