Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
579
Views
4
Helpful
1
Replies

Latest NTP Amplication attack

Jhun Banzuela
Level 1
Level 1

‎03-13-2014 01:14 AM - edited ‎03-10-2019 06:09 AM

Hi CISCO Expert,

 

Do we have signature for this attack?

 

http://www.darkreading.com/attacks-breaches/high-bandwidth-ntp-amplification-ddos-at/240166609

 

 

Regards,

Jhun

Labels:
0 Helpful
1 Reply 1

Ravi Singh
Level 7
Level 7

‎04-18-2014 07:49 AM

Intrusion-prevention systems (IPS) are effective if the attacks have signatures associated with them. However, the trend among the attacks is to have legitimate content but bad intent. Intrusion-prevention systems which work on content recognition cannot block behavior-based DoS attacks.[citation needed]

An ASIC based IPS may detect and block denial of service attacks because they have the processing power and the granularity to analyze the attacks and act like a circuit breaker in an automated way.[citation needed]

A rate-based IPS (RBIPS) must analyze traffic granularly and continuously monitor the traffic pattern and determine if there is traffic anomaly. It must let the legitimate traffic flow while blocking the DoS attack traffic.

I am searching the exact signature. I will let you know ASAP

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card