how to stop denial of service in a 1700 router

how to stop denial of service in a 1700 router
NewsGroups | Search | Tools
User Password
Register Now! Lost Password?
 comp.dcom.sys.cisco  Post an article  get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content  add this group's latest topics to your Google content  YahooMyWeb Yahoo!  Google Google  Windows Live Favorites Windows Live  del.icio.us del.icio.us  digg digg  Add to Netscape Netscape
Subject Author Date
how to stop denial of service in a 1700 router jcharth 09-02-2005
Posted by on September 2, 2005, 3:09 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Hello My router is getting a flood of udps, the error could be a denial
of service attack. what do i do the block it? I see a lot of large size
udp packets. Could it be a wrong subnet mask.
Thanks



Pure Networks
Posted by www.BradReese.Com on September 3, 2005, 9:09 am
If you were  Registered and logged in, you could reply and use other advanced thread options
You may wish to investigate Cisco Security Strategies for Attack
Defense, Tracking or Mitigation:

http://www.bradreese.com/cisco-security-advisories.htm#STRATEGIES

Hope this helps.

Brad Reese
BradReese.Com Cisco Repair Service Experts
http://www.bradreese.com/index.htm#EXPERTS
1293 Hendersonville Road, Suite 17
Asheville, North Carolina USA 28803
USA & Canada: 877-549-2680
International: 828-277-7272



Posted by Igor Mamuzic on September 3, 2005, 6:10 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
You need first do detect what kind of UDP traffic it's about (what udp ports
are used?)...

You can discover this (if you don't have netflow analyzer) by creating an
ACL as follows (ACL number is only an example, please check 'show
access-list 100' output to find out if there is already ACL 100 configured
on your router):
access-list 100 permit udp any any log
access-list 100 permit ip any any

Place this ACL on the interface where this susspicious traffic enters your
router...

Then execute 'show log' and you'll see what kind of udp traffic it's about.
Then you can create adequate ACL that will block that traffic...

B.R.
I

> Hello My router is getting a flood of udps, the error could be a denial
> of service attack. what do i do the block it? I see a lot of large size
> udp packets. Could it be a wrong subnet mask.
> Thanks
>




Similar ThreadsPosted
IPSec & Denial of Service January 4, 2005, 6:15 pm
Denial of Service attack against Cisco/Linksys SR2016 16 x 1 gige port switch? February 25, 2005, 4:14 pm
Router stop after decompressing IOS Cisco 837 November 24, 2004, 1:33 pm
ISDN - How to stop a router dialling up on bootup September 27, 2006, 2:47 pm
A non-Cisco router, BDCOM 1700 Router Series June 28, 2008, 4:27 am
1700 router FXO error December 22, 2004, 3:13 pm
Cisco 1700 Router July 25, 2008, 8:00 am
Very strange ftp problems through 1700 router. August 14, 2005, 2:12 pm
How to public a service behind a PIX changing the port of the service. March 7, 2005, 12:48 pm
WebVPN and remote admin denial May 30, 2007, 10:05 am

other useful resources:
The Federal Communications Commission (FCC)
Telecommunications Industry Association
Electronic and Software Security Products and Services
International Telecommunication Union

Custom CGI Perl and PHP programming by 1-Script.com

Contact Us | Privacy Policy
The site map in XML format XML site map