About William Gill

William Gill · 04-03-2014

We are receiving thousands of "Deny inbound UDP from x.x.x.x/53 to x.x.x.x/2713 due to DNS Response" per minute on our ASA 5510. All of the responses are destined to a signal one of our external IP's. This is overloading the our ASA and preventing tr...

William Gill · 04-07-2014

The Cisco TAC - Engineer we spoke to recommended we allow any any udp port 53 inbound to correct the problem. I don't see how allowing udp port 53 traffic into our network would solve the problem but it with stop the deny messages. Does this sound li...

William Gill · 04-07-2014

The Cisco TAC - Engineer we spoke to recommended we allow any any udp port 53 inbound to correct the problem. I don't see how allowing udp port 53 traffic into our network would solve the problem but it with stop the deny messages. Does this sound li...

William Gill · 04-07-2014

Thanks. This is why we are in the process of replacing our ASA's with a NGFW.

William Gill · 04-07-2014

Thanks for the reply. I figured it was some type of reflective DNS attack but I just wasn't sure if anything could be be done on the ASA to stop it. It appears like there isn't. I've contacted my isp but they don't seem to be in any hurry to call me ...

William Gill · 04-03-2014

We are receiving thousands of these same "Deny inbound UDP from x.x.x.x/53 to x.x.x.x/2713 due to DNS Response" per minute on our ASA 5510. This is overloading the ASA and preventing traffic getting thru to the Internet during these attacks. Any sugg...

Member Since	‎04-03-2014 07:00 PM
Date Last Visited	‎01-17-2020 12:04 AM
Posts	6

User Statistics

User Activity

Deny inbound UDP flood

The Cisco TAC - Engineer we

The Cisco TAC - Engineer we

Thanks. This is why we are in

Thanks for the reply. I

We are receiving thousands of