cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
242
Views
0
Helpful
6
Replies
Highlighted
Beginner

DOS Attcak ???

Hi,,

How can we detect that our Gatway router or Core router is under DOS attack....

and what should be the frist step ater the detection of DOS attack...

Thanks.

6 REPLIES 6
Highlighted
Beginner

Try configuring some kind of IDS on your perimeter devices.

Highlighted

Hi,,

Can you tell me with little detail?????

thanks

Highlighted

You get various IDS devices from Cisco & other vendors. Just need to google them. Google has everything.

Highlighted
Beginner

Hi,

We use dos prevention mechanism in our FWSM 3.1 by using static nat command. Does anybody know a way of monitoring embryonic connections by some show command and if it is taken into production.

thanks.

Highlighted

Try "sh conn". In the graphical interface also u can watch the current connection status...I guess.

Highlighted

You can do a basic monitor/block of Syn attacks using "TCP Intercept" feature under IOS. You can also monitor for sys/fragment/smurf attacks by creating an permit access-list matching the required traffic sype and using the log-input statement at the end.