[nsp] BGP sessions drop during DOS and general DOS protections.

Christopher J. Wolff chris at bblabs.com
Mon Jul 21 22:16:49 EDT 2003


Hello,

You all have been so wonderful with the responses that I thought I'd throw
another question out there.

Have you seen a DOS attack come through one of your BGP peers that
bounced your BGP session?  Then, to add insult to injury, it bounces the
IGP sessions for all of your internal peers?  This really makes the
phones ring.  

So, I read through Cisco's document on preventing DOS and tried to
implement the TCP intercept function to help lower my risk.  It seems
like the TCP intercept function is broken.  It created a huge database
of connections and then locked out my users until the CPU bogged down to
100%.

I'd appreciate any advice on anti-DOS access lists I can implement or
features I can turn on in the FW/IDS versions of the IOS.  Thank you.

Christopher J. Wolff, VP CIO
Broadband Laboratories, Inc.
http://www.bblabs.com 




More information about the cisco-nsp mailing list