CSS DoS
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-14-2002 05:38 PM
Is DoS protection a built-in feature of CSS11500?
How to configure DoS and how to block intrusion from the output of show dos ?
Thanks,
tony
- Labels:
-
Application Networking
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-14-2002 11:05 PM
DoS is built in to the CSS, there is no configuration for it expect for snmp trap generation for DoS detection. CSS is not a firewall, its DoS detection is limited to obvious things, such as source and destination addresses being the same - land, smurf, half open syn, loopback or broadcast addresses, source address that the box owns etc.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-19-2002 06:31 AM
I have found that false DoS error alerts are generated when my load balanced servers try to open connections to other servers that are down. The CSS sees a device sending SYN packets for connections that never open.
