[c-nsp] Stop IP Fragmentation attack
Roland Dobbins
rdobbins at arbor.net
Tue Apr 26 13:54:53 EDT 2016
On 27 Apr 2016, at 0:50, Satish Patel wrote:
> Does Cisco have a config like the following to apply an ACL based on criteria
Cisco has QoS.

But you really aren't being smart about this. Why not use S/RTBH on
your edge router to simply block the sources, since they aren't spoofed?

Export NetFlow from your edge router to an open-source
collection/analysis system, so that you can see the sources.

But you do know that most UDP reflection/amplification attacks are
high-volume, yes? So, your transit pipe may still be filled up due to
sheer bps.
-----------------------------------
Roland Dobbins <rdobbins at arbor.net>
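
The workflow suggested in the message above (find the sources in flow data, block them with S/RTBH, then check whether the transit link is full regardless), sketched as an added example that is not part of the original post. The flow records, the 100 Mb/s link, the byte threshold and route tag 66 are constructed assumptions; the emitted static routes assume a trigger router that redistributes tagged statics into iBGP with a discard next-hop, and loose-mode uRPF on the edge interfaces.

```python
import csv
import io
import ipaddress
from collections import Counter

# Constructed sample: one 60-second window of flow records from the edge router,
# as CSV: src, dst, proto, src_port, dst_port, bytes. Non-initial IP fragments
# carry no L4 header, so flow export reports them with ports 0/0.
SAMPLE_FLOWS = """\
198.51.100.7,203.0.113.10,17,0,0,900000000
198.51.100.7,203.0.113.10,17,53,41000,300000000
198.51.100.99,203.0.113.10,17,0,0,750000000
192.0.2.44,203.0.113.10,6,443,51000,2000000
192.0.2.80,203.0.113.10,17,123,40000,40000
"""

def load_flows(text):
    """Parse the CSV into (src, dst, proto, bytes) tuples."""
    flows = []
    for src, dst, proto, _sport, _dport, nbytes in csv.reader(io.StringIO(text)):
        flows.append((ipaddress.ip_address(src), ipaddress.ip_address(dst),
                      int(proto), int(nbytes)))
    return flows

def top_udp_sources(flows, victim, min_bytes):
    """Rank UDP sources sending to the victim prefix; keep those over min_bytes."""
    per_src = Counter()
    for src, dst, proto, nbytes in flows:
        if proto == 17 and dst in victim:
            per_src[src] += nbytes
    return [(s, b) for s, b in per_src.most_common() if b >= min_bytes]

def rtbh_triggers(sources, tag=66):
    """Static routes for the trigger router (tag value is an assumption).
    Only valid because the sources are not spoofed; IPv4 host routes only."""
    return [f"ip route {s} 255.255.255.255 Null0 tag {tag}" for s, _ in sources]

def inbound_bps(flows, victim, window_s):
    """Total bits/s arriving for the victim, before any drop at the edge."""
    return sum(b for _, dst, _, b in flows if dst in victim) * 8 / window_s

if __name__ == "__main__":
    flows = load_flows(SAMPLE_FLOWS)
    victim = ipaddress.ip_network("203.0.113.10/32")
    for line in rtbh_triggers(top_udp_sources(flows, victim, 100_000_000)):
        print(line)
    rate = inbound_bps(flows, victim, 60)
    # S/RTBH drops at your edge; traffic has already crossed the transit link.
    print(f"inbound {rate / 1e6:.0f} Mb/s, link full: {rate > 100e6}")
```

When the last line reports the link as full, dropping at the edge router does not relieve the transit pipe, which is the caveat the message ends on.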