denying attacking IP on PIX

edgrant
Level 1

Can someone please confirm or correct me on this? I have an IP addy that has been scanning my network off/on for a few hours. I have already contacted the administrator for this IP's network (a college campus) via email and left him a voicemail, but have not heard back yet. I want to completely deny this IP until I have spoken with this admin and addressed this issue. I am not positive that I am entering the correct command, so if someone could confirm the command I would appreciate it. TIA

access-list 110 deny tcp host x.x.x.x any

2 Replies

steve.barlow
Level 7

Use IP, not just tcp: "access-list 110 deny ip host x.x.x.x any"

Also look into the "shun" command: http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_62/cmdref/s.htm#xtocid20 .

Use the "icmp" command as well if you no longer want your PIX to be pinged (it can block all ICMP as well): http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_62/cmdref/gl.htm#xtocid5 .

Hope it helps.

Steve

nnorthedge
Level 1

For the access list you may want to deny ip, instead of just tcp. You'll also need to apply the access list to the interface:

access-group 110 in interface outside

You can only have one access list applied to an interface at a time, so if you already have one on the outside interface, you'll have to combine the two.

Norman
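
Combining the new deny with a list that is already applied to the outside interface, as an added example that is not part of the thread or any Cisco tool: the sketch below reads a saved configuration, finds the ACL bound to the interface, and returns the merged entries with the deny first, since entries are evaluated top-down and the first match wins. The sample configuration, the addresses (documentation ranges) and the function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample of an existing PIX configuration (documentation addresses).
SAMPLE_CONFIG = """\
access-list 101 permit tcp any host 192.0.2.10 eq www
access-list 101 permit tcp any host 192.0.2.25 eq smtp
access-list 101 permit icmp any any echo-reply
access-group 101 in interface outside
"""

GROUP_RE = re.compile(r"^\s*access-group\s+(\S+)\s+in\s+interface\s+(\S+)\s*$")


def bound_acl(config, interface):
    """Return the id of the ACL already applied to `interface`, or None."""
    for line in config.splitlines():
        m = GROUP_RE.match(line)
        if m and m.group(2) == interface:
            return m.group(1)
    return None


def merged_acl(config, interface, block_ip, new_id="110"):
    """Return the combined ACL, deny entry first, plus its access-group line."""
    host = ipaddress.IPv4Address(block_ip)  # raises ValueError on a bad address
    # Reuse the ACL that is already bound; only fall back to a new id if none is.
    acl_id = bound_acl(config, interface) or new_id
    deny = f"access-list {acl_id} deny ip host {host} any"
    prefix = f"access-list {acl_id} "
    existing = [ln.strip() for ln in config.splitlines()
                if ln.strip().startswith(prefix)]
    # Entries are matched top-down and the first match wins, so the deny
    # has to come before any permit that the blocked host could match.
    entries = [deny] + [ln for ln in existing if ln != deny]
    return entries + [f"access-group {acl_id} in interface {interface}"]


if __name__ == "__main__":
    for line in merged_acl(SAMPLE_CONFIG, "outside", "198.51.100.7"):
        print(line)
```

The output is the order the entries need to end up in on the firewall; it reuses the existing list id rather than creating a second list for the same interface.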
