Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
195
Views
0
Helpful
2
Replies

Newbie - IDS

olorunloba
Level 5
Level 5

‎07-14-2004 10:47 AM - edited ‎03-09-2019 08:04 AM

I'm interested in knowing how to automatically detect and block traffic that basically are scanning a range of ip address, or port. I've realised that a lot internet worms perform this scan, and it might be advantageous if the firewall or router can detect it and then block the ip from which it is coming.

Labels:
0 Helpful
2 Replies 2

a.arndt
Level 3
Level 3

‎07-15-2004 05:41 AM

I'm afraid that your question is a bit too broad for this particular forum, IMHO.

If you already have Cisco IDS and/or Cisco PIX Firewalls, then perhaps someone here may be able to offer specific advice to help you out but we'll need to know what equipment you have at your disposal.

The generic answer to your question though is quite simple:

Use a Cisco IDS to detect the activity and then use its ability to dynamically configure a PIX or router (known as a block) to stop this traffic from impacting your network.

0 Helpful

olorunloba
Level 5
Level 5
In response to a.arndt

‎07-16-2004 12:35 AM

Thanks

Using 3640 router running Firewall feature set, can it be done? and how

0 Helpful
Customers Also Viewed These Support Documents