Re: DOC CD reference

From: V.Shekhar@GlobalAssurance.net
Date: Thu May 08 2008 - 15:40:50 ART

• Next message: Paul Dardinski: "RE: AIM-CUE for 2611XM"
• Previous message: Joseph Brunner: "RE: Prepend routes redistribute from OSPF to BGP"
• Maybe in reply to: Amir.Tahir/Wateen/Lahore: "DOC CD reference"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

For SMURF u can do couple of things:

a.) enable uRPF check
http://www.cisco.com/en/US/docs/ios/12_4/secure/configuration/guide/schrpf.html

b.) Disable Directed broadcasts
http://www.cisco.com/en/US/docs/ios/12_4/ip_addr/configuration/guide/adr_1chip.html

c.) Use ACL to stop incoming Echo requests.

For TCP SYN packets again there are a couple of things u can do.

a.) Standard Rate limit incoming SYN req

b.) use TCP intercept feature.
http://www.cisco.com/en/US/docs/ios/12_4/secure/configuration/guide/schdenl.html

For Fragment Packets:
 Filter using ACL with protocol as IP and "Fragment" keyword at the end.

HTH,
-V Shekhar
CCIE(sec)#17589/CISSP/RHCE.

Amir.Tahir/Wateen/Lahore wrote:
> Hi there,
>
>
>
> I will be grateful if anyone Could let me know where do I look the
> following topics in Doc CD.
>
>
>
> 1: Smurf Attack
>
> 2: TCP SYN Packets
> <http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_tech_no
> te09186a00800fb50a.shtml#rate_limit_tcp_syn>
>
> 3: fragment Packets
>
>
>
>
>
> Regards /AT
>
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Paul Dardinski: "RE: AIM-CUE for 2611XM"
• Previous message: Joseph Brunner: "RE: Prepend routes redistribute from OSPF to BGP"
• Maybe in reply to: Amir.Tahir/Wateen/Lahore: "DOC CD reference"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Jun 02 2008 - 06:59:16 ART