Hello My router is getting a flood of udps, the error could be a denial of service attack. what do i do the block it? I see a lot of large size udp packets. Could it be a wrong subnet mask. Thanks
- posted
18 years ago
Hello My router is getting a flood of udps, the error could be a denial of service attack. what do i do the block it? I see a lot of large size udp packets. Could it be a wrong subnet mask. Thanks
You may wish to investigate Cisco Security Strategies for Attack Defense, Tracking or Mitigation:
Brad Reese BradReese.Com Cisco Repair Service Experts
You need first do detect what kind of UDP traffic it's about (what udp ports are used?)...
You can discover this (if you don't have netflow analyzer) by creating an ACL as follows (ACL number is only an example, please check 'show access-list 100' output to find out if there is already ACL 100 configured on your router): access-list 100 permit udp any any log access-list 100 permit ip any any
Place this ACL on the interface where this susspicious traffic enters your router...
Then execute 'show log' and you'll see what kind of udp traffic it's about. Then you can create adequate ACL that will block that traffic...
B.R. I
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.