hi,
You need to check further if your IOS version and router platform supports
it but, I can suggest uRPF as the "BEST" solution in your case (first turn
on CEF). However, rate-limiting (CAR) ICMP traffic on that interface would
also work well.
Since you have a 2610, I suggest you do some planning, coz depending on the
amount of traffic you have, ACLs etc can kill your CPU. uRPF takes up much
less CPU cycles than ACLs.
Take a look at this link for rate-limiting.
http://www.cisco.com/warp/public/732/Tech/car/index.html
HTH
regards,
Bosco
-----Original Message-----
From: Navin Parwal [mailto:parwal@xxxxxxxx]
Sent: Wednesday, April 21, 2004 9:07 AM
To: cisco@xxxxxxxxxxxxxx
Subject: DOS Attack Prevention [7:87534]
Hi ,
I am getting a DOS attack of ICMP type 11 Code 0 attack on my 2610 router
which is coming from the WAN interface of the router .
this source IP address of the ICMP packet which is coming to our router
is spoofed with the WAN interface address .
Please let me know what is the best way to monitor and prevent such
attacks.
Navin Parwal
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=87535&t=87534
--------------------------------------------------
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
