Kings I found this a little frustrating myself especially considering when you have asa as a blocking device, you get a lot of failure messages in the log due to certain methods being unsupported. Unfortunately I couldn't find a way to bypass this for certain devices. Not sure whether this has changed in the latest code though.
Stu Sent from my iPhone On 30 Nov 2009, at 05:57, Kingsley Charles <[email protected]> wrote: > Hi all > > We can configure the sesnor to "Request block host"and "Request Rate > limit." If these actions are configured for the signatures and the > signatures are triggered, request is sent to > routers/switches that are present in the blocking devcies list. > > > My understanding is that the request is sent to all the devices in > the blocking device list. > > In that case, the block request or rate limit will be also sent to > devices that are not relevent to the attack. > > Is there any way where we can tie the blocking request or rate limit > request triggered by signature to specific hosts or subset of hosts > in the blocking device list defined in the sensor. > > > > With regards > Kingsley Charles > _______________________________________________ > For more information regarding industry leading CCIE Lab training, > please visit www.ipexpert.com _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
