Hi guys, I'm running a Firepower 2100 with ASA image 9.12.2. An interface of the firewall is connected to the production network in an uncontrolled space. For this reason I was trying to check some sort of network attack on that interface to double check...
Hi guys, As per my understanding, a good way to protect an internal network from a SYN attack (not directed to the switch / router) to another network client on the same subnet is using TCP intercept. What can I do if on my switches (9300 / 2960-XR...
I had a TAC with a Cisco Engineer. This firewall can't correctly handle this kind of attack. During the attack the CPU rises up to 100% due to a quantity of SYS packet even enabling the threat detection (with shun) or using a service-policy limiting...
I'm still stuck with this behaviour. In the next few days, I'll have to open a TAC case I suppose to try to solve it before in production. Any other input is really much appreciated. Thanks
A small update after a few tests. The CPU stuck at 100% seems not to be due to either the threat detection policy or the TCP inspection. I simply disabled the two checks and blocked all the incoming traffic on the external interface with an ACL (deny IP...
A small update. After several tests I realized that the configuration looks good. If on the Kali VM I launch the command hping3 -c 15000 -d 120 -S -w 64 -p 8080 192.168.10.35 without "--flood" the ASA perfectly handles the exception and the embryonics...
@balaji.bandi wrote: what is your KALI IP address? Here is the good document and verification, your config ok, but make sure Kali not in trusted device? https://integratingit.wordpress.com/2018/01/07/prevent-tcp-attacks-on-cisco-asa/ Also check with...