[c-nsp] Automatic responses from events in a PIX
Asbjorn Hojmark - Lists
lists at hojmark.org
Tue Oct 16 07:13:39 EDT 2007
> I have a user who claims that they've configured their PIX to
> take an action after it sees a certain number of rogue packets
> (ie, portscan). They claim that it's configured to stop all
> traffic after it sees 70 rogue packets from any one given IP.
>
> In my years of administrating PIXs I don't recall ever coming
> across a reactionary feature such as this.
There are various ways to do stuff along those lines. See
http://tinyurl.com/ywt5th and, most notably, Threat Detection
in 8.0.
-A
More information about the cisco-nsp
mailing list