[c-nsp] Stop SYN Attack
Jason Alex
amr.ccie at gmail.com
Fri Oct 30 18:07:07 EDT 2009
Dear All,
I have a TCP SYN attack on one of my routers (Cisco 7206), which
causes the traffic to increase 100 Mbps on the Uplink interface
This router is a PE router in a MPLS environment
when i configured access-list to block the attack source , this causes the
CPU utilization of the 7206 router to reach 100 %
Does anyone knows how to block this kind of TCP SYN attack ?
Does using TCP Intercept on the 7206 router will cause the CPU processing to
reach the max also or not ?
Thanks
Jason
CCIE#24775
More information about the cisco-nsp
mailing list