FirePOWER DOS attack Test Scenario

Joshua_Engels
Level 1

Hi Everyone,

I have a customer who wanted to see FirePOWER FMC events in action based off a couple of test scenarios. We decided to connect upstream from their FirePOWER device and run some test attacks from a laptop. For one of the tests, we used HPING3 to initiate a Denial of Service attack on the firewall's external IP and also on a server that was NAT'd to the outside. In both instances, we saw that the traffic was not seen as an attack and was permitted through the firewall. What should we have expected? Is a single laptop attacking using HPING3 not enough? It took us running a "Hail Mary" scan from Kali Linux before we were able to generate anything to show up as an attack. I would have expected to have seen more things blocked. Thoughts?

Bogdan Nita
VIP Alumni

How is the Rate-Based Attack Prevention configured?
