[c-nsp] Shunning Traffic on ASA's

Ramcharan, Vijay A vijay.ramcharan at verizonbusiness.com
Mon Feb 11 09:39:03 EST 2008


In your situation, what is/are the implication(s)/ramification(s) of
having the firewall start shunning traffic to/from legitimate sources
which may have been identified as malicious? 
I think that might indicate whether you should or shouldn't implement
it. 

>From a technical and practical perspective, I can't provide any feedback
as I've never implemented it. 
 
Vijay Ramcharan 
  
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Christian Koch
Sent: February 11, 2008 09:16
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] Shunning Traffic on ASA's

Does anyone actually use this?

IS there any reasons NOT to use it?

Advantages/Disadvantages of using it?

I've never used it myself, but am wondering if it is a decent quick way
to
mitigate attacking ip's

Thanks!
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


More information about the cisco-nsp mailing list