From: Brian Dennis (brian@labforge.com)
Date: Tue Mar 04 2003 - 03:28:13 GMT-3
A: Use the "no ip directed-broadcast" interface command to stop ping
floods (Smurf attacks). It's on by default in IOS 12.0 and later (See
RFC 2644 for more information). For other "possible attacks" look into
using Cisco IOS IDS. To help guard against "spoofed" IP source addresses
use the "ip verify unicast reverse-path" interface command.

B: There is not a "rule of thumb" for route redistribution metrics. Use
your best judgment when setting a metric for redistribution.

Brian Dennis, CCIE #2210 (R&S/ISP Dial/Security)
brian@labforge.com
http://www.labforge.com

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Ciscolab
Sent: Monday, March 03, 2003 8:01 PM
To: ccielab@groupstudy.com
Subject: Questions
Hello, All
Would you please help me make the following questions clear? Thanks.
A. Is there any way in Cisco routers to log an ICMP flooding attack
and other possible attacks, without using other equipment or software, just
IOS functions?
B. Is there any rule to set the metric value for redistributed routes?
Ciscolab
ciscolab@vip.sina.com
2003-03-04
This archive was generated by hypermail 2.1.4 : Sat Apr 05 2003 - 08:51:31 GMT-3
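
The two interface commands named in the reply above can be checked across a saved configuration. The following is an added example, not part of the original thread: a small Python audit that flags interfaces with directed broadcast explicitly enabled or without the unicast RPF check. The sample configuration, addresses and function names are constructed for illustration; the `ip cef` check reflects the fact that Unicast RPF depends on CEF being enabled.

```python
import re

# Constructed sample running-config (not from the original thread).
SAMPLE_CONFIG = """\
ip cef
!
interface Ethernet0
 ip address 192.0.2.1 255.255.255.0
 ip directed-broadcast
!
interface Serial0
 ip address 198.51.100.1 255.255.255.252
 no ip directed-broadcast
 ip verify unicast reverse-path
!
interface Serial1
 no ip address
 shutdown
!
"""

def parse_interfaces(config):
    """Return {interface name: [sub-commands]} from IOS-style config text."""
    interfaces, current = {}, None
    for line in config.splitlines():
        m = re.match(r"interface\s+(\S+)", line)
        if m:
            current = interfaces.setdefault(m.group(1), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # "!" or a global command ends the interface block
    return interfaces

def audit(config):
    """Return sorted (interface, finding) tuples for the two commands above."""
    findings = []
    cef_on = any(re.match(r"ip cef\b", l) for l in config.splitlines())
    for name, cmds in parse_interfaces(config).items():
        if "shutdown" in cmds or "no ip address" in cmds:
            continue  # skip interfaces that carry no IP traffic
        # Explicit "ip directed-broadcast [acl]" re-enables Smurf amplification.
        if any(re.match(r"ip directed-broadcast\b", c) for c in cmds):
            findings.append((name, "directed-broadcast enabled"))
        if "ip verify unicast reverse-path" not in cmds:
            findings.append((name, "no unicast RPF check"))
        elif not cef_on:
            findings.append((name, "unicast RPF configured but 'ip cef' missing"))
    return sorted(findings)
```

Calling `audit(SAMPLE_CONFIG)` reports only Ethernet0; strict unicast RPF can drop legitimate traffic on asymmetrically routed links, so treat the RPF finding as a prompt for review rather than an automatic fix.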