Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
654
Views
0
Helpful
3
Replies

Syn attacks

k.heselmans
Level 1
Level 1

‎02-08-2001 09:35 AM - edited ‎03-08-2019 07:59 PM

Is there a possible other way beside CSS switches and rate-limits on the router to prevent Syn floods on our internet uplinks/Transits?

A Pix is not in the picture yet:)

Labels:
0 Helpful
3 Replies 3

ciscomoderator
Community Manager
Community Manager

‎02-13-2001 10:05 AM

The focus of this board is Virtual Private Networks, however, there are a number of professionals online who may be able to assist you.

If you don't get a suitable response to your post, you may wish to reveiw this document on Cisco.com:

http://www.cisco.com/warp/public/707/4.html

If anyone else in the forum has some pointers, please reply to this thread.

Thank you for posting.

0 Helpful

brian.perry
Level 1
Level 1

‎02-14-2001 08:06 AM

An ACL on your head-in routers? We use CSIDS (Netranger) to detect and apply ACLs dynamically. Its good for syn floods and such, not so good for more complex stuff, Unicode, etc., we have to depend on Cisco for the signatures, ...but then again, there is no perfect IDS.

0 Helpful

richard
Level 1
Level 1
In response to brian.perry

‎05-10-2001 01:36 PM

We've implemented the NetRanger, but had some difficulty with ACL updates, i.e. the Device Management Module. I would really be interested in how you find the ACL updates working for you?

What is your experience with the Netranger signature update frequency and completeness?

Thanks for any info.

0 Helpful
Customers Also Viewed These Support Documents