Luke,
source changes all times and I am aware of destination IP
(( If source was same I would have applied an ACL ))
On Sun, Jul 11, 2010 at 8:51 AM, Abraham, Tharak <tharakabraham_at_gmail.com>wrote:
> Asif,
>
> Provided you have an idea about the source and destination !
> Configs looks to be correct.
>
> Best Regards,
> Tharak Abraham Luke
>
>
> On Sun, Jul 11, 2010 at 11:06 AM, A Asif <asif.abr_at_gmail.com> wrote:
>
>> *thank you Luke for replying, is this correct as config*
>>
>> access-list 112 permit tcp any host 192.168.99.10
>>
>> interface fa 0/1
>> rate-limit input access-group 112 8000 8000 8000 conform-action transmit exceed-action drop
>>
>> end
>>
>>
>>
>>
>> On Sun, Jul 11, 2010 at 6:44 AM, Abraham, Tharak <tharakabraham_at_gmail.com
>> > wrote:
>>
>>> Asif,
>>>
>>> As Tyson recommended why dont you restrict Syn with CAR ?
>>> Its better than nothing i feel.
>>>
>>> I dont think a router can do more than that...-:)
>>>
>>>
>>> Best Regards,
>>> Tharak Abraham Luke
>>>
>>>
>>> On Sat, Jul 10, 2010 at 8:47 PM, A Asif <asif.abr_at_gmail.com> wrote:
>>>
>>>> Thanks to all for replying
>>>>
>>>> Not really. *( reply to Sadiq ) *
>>>>
>>>> TCP Intercept didnt help, so doubt if rate limit would help *( reply to
>>>> Scott Tyson ) *
>>>>
>>>> Upstream provider can block international traffic that would help, but
>>>> was
>>>> curios to see if router can help* ( reply to Pete Lumbis )*
>>>>
>>>>
>>>>
>>>> On Fri, Jul 9, 2010 at 1:49 PM, Sadiq Yakasai <sadiqtanko_at_gmail.com>
>>>> wrote:
>>>>
>>>> > Is the destination of the attack fairly known though?
>>>> >
>>>> > On Fri, Jul 9, 2010 at 10:48 AM, A Asif <asif.abr_at_gmail.com> wrote:
>>>> >
>>>> >> Hi
>>>> >>
>>>> >> DDOS attack on perimeter router.
>>>> >>
>>>> >> - IP Intercept doesnt help
>>>> >> - Source IP is changing :-)
>>>> >>
>>>> >>
>>>> >> Any Help to overcome this....
>>>> >>
>>>> >>
>>>> >> Blogs and organic groups at http://www.ccie.net
>>>> >>
>>>> >>
>>>> _______________________________________________________________________
>>>> >> Subscription information may be found at:
>>>> >> http://www.groupstudy.com/list/CCIELab.html
>>>> >>
>>>> >>
>>>> >>
>>>> >>
>>>> >>
>>>> >>
>>>> >>
>>>> >>
>>>> >
>>>> >
>>>> > --
>>>> > CCIE #19963
>>>>
>>>>
>>>> Blogs and organic groups at http://www.ccie.net
>>>>
>>>> _______________________________________________________________________
>>>> Subscription information may be found at:
>>>> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Sun Jul 11 2010 - 08:54:48 ART
This archive was generated by hypermail 2.2.0 : Sun Aug 01 2010 - 19:19:15 ART