Comprar o Renovar
Comprar o Renovar
cancelar
Activar sugerencias
La sugerencia automática le ayuda a obtener, de forma rápida, resultados precisos de su búsqueda al sugerirle posibles coincidencias mientras escribe.
Mostrando los resultados de 
Buscar en lugar de 
Quiere decir: 
cancel
Iniciar una conversación
387
Visitas
3
ÚTIL
3
Respuestas

Cisco 3850 Massive requests from the LAN

Aleck_Sei
Level 1
Level 1

el ‎06-07-2023 01:46 AM

Hi all!

We have a LAN network with a CORE 3850 layer 3 switch and several 2960X layer 2 switches.

We have received a notice from a security agency indicating that a device on our network is making massive requests against a specific IP. The only thing they provide us is the public IP of our WAN router.

How can we determine, at the LAN level, which machine is the originator of these requests? Is there some kind of 'debug' for IP traffic where a destination IP can be indicated?

Thanks for your help.

Etiquetas:
3 RESPUESTAS 3

MHM Cisco World
VIP
VIP

el ‎06-07-2023 03:02 AM

meaning one PC in your network have virus send DDoS to ISP ?

Aleck_Sei
Level 1
Level 1
En respuesta a MHM Cisco World

el ‎06-07-2023 03:10 AM

Exactly!

How (for example through a 'debug' that shows the destination IP of the requests) could I locate the MAC address of that device?

Thank you very much

0 Útil

MHM Cisco World
VIP
VIP
En respuesta a Aleck_Sei

el ‎06-07-2023 03:22 AM

show interfaces | include line | input <<- in each SW, do this three or four times 
check the input traffic for each port which one is increase rapidly, then shut the port and check the DDoS with ISP 

Navegue y encuentre contenido personalizado de la comunidad

Videos de R&S Documentos de R&S Blogs de R&S
Customers Also Viewed These Support Documents