Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1161
Views
0
Helpful
1
Replies

Create a custom signature to rate limit (packet/sec) on IPS 4200?

hiepnguyenho
Level 1
Level 1

‎12-10-2011 02:30 AM - edited ‎03-10-2019 05:33 AM

Hello everyone,

There's a lot of public and simple tool to flood attack a host with TCP, UDP packet. These tools can send TCP/UDP packet very fast and quickly bring down weak network devices & servers.

We are going to public a website and i'm worry about risk of attacking. I put IPS 4260 in DMZ to protect server. When I turn on default signature, it can not prevent DoS flood attack.

So could you please help to me create a custom signature that can check packet per second? For example, if there are more than 10 pps, IPS must deny attacker inline or something... I have tried to make a custom signature based on Flood Net engine, set the rate, gap, but I dont really understand these parameters and it does not work.

Please guide me something to do that. Thank you very much.

Regards,

Hiep Nguyen.

Labels:
0 Helpful
1 Reply 1
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card