We use dos prevention mechanism in our FWSM 3.1 by using static nat command. Does anybody know a way of monitoring embryonic connections by some show command and if it is taken into production.
You can do a basic monitor/block of Syn attacks using "TCP Intercept" feature under IOS. You can also monitor for sys/fragment/smurf attacks by creating an permit access-list matching the required traffic sype and using the log-input statement at the end.
Getting Started
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:
