[c-nsp] cisco 7500 UDP attack

Schahzad. Z Choudhry schahzad at khyber.net.pk
Wed Sep 20 05:39:32 EDT 2006


Hello,

I am using a Cisco 7500 as my core router gateway to the Internet. Sometimes I get 1000s of UDP requests on any one of my IP addresses, even if the machine is down: random source ports, random destination ports, sometimes even random source IPs (may be spoofed).

Now, because the flood is on random ports, ACLs can only be applied on the IP address, but in that case the 7500 sometimes stops responding, even on Ethernet.

Whenever there is any DoS attack I am in the same situation. Do you guys recommend something to fight DoS attacks, especially when the attack is passing through the Cisco and causing it to get stuck?

I know about stopping half-open TCP connections and UDP one-way blocking at the PIX, but is there anything on the Cisco 7500 which can help?

IOS version is 12.0(10).
The 7500 is with one E3 HSSI interface and some serials and FastEthernet, with an RSP card.

Hope to get some hint.
Thanks and Regards
Schahzad

