thanks for your answers. You just took off one of my weakest part of ASAs.

I will scratch it out of my list then

On Tue, Oct 12, 2010 at 8:16 PM, Tyson Scott <[email protected]> wrote:

>  I am not going to answer the question directly but this is a feature of
> 8.2.  Focus on the version for the test.
>
>
>
> Regards,
>
>
>
> Tyson Scott - CCIE #13513 R&S, Security, and SP
>
> Managing Partner / Sr. Instructor - IPexpert, Inc.
>
> Mailto: [email protected]
>
> Telephone: +1.810.326.1444, ext. 208
>
> Live Assistance, Please visit: www.ipexpert.com/chat
>
> eFax: +1.810.454.0130
>
>
>
> IPexpert is a premier provider of Self-Study Workbooks, Video on Demand,
> Audio Tools, Online Hardware Rental and Classroom Training for the Cisco
> CCIE (R&S, Voice, Security & Service Provider) certification(s) with
> training locations throughout the United States, Europe, South Asia and
> Australia. Be sure to visit our online communities at
> www.ipexpert.com/communities and our public website at www.ipexpert.com
>
>
>
> *From:* [email protected] [mailto:
> [email protected]] *On Behalf Of *Bruno
> *Sent:* Tuesday, October 12, 2010 4:03 PM
> *To:* CCIE Security Maillist
> *Subject:* [OSL | CCIE_Security] Threat-detection
>
>
>
> Supposing I am receiving a syn-attack on the ASA's outside interface. The
> rate I could see was about 3packets/sec trying to reach any internal
> web-server.
> How could we build the threat-detection seeking shun the attacker?
>
> I think we should have:
> threat-detection scanning-threat shun duration xxxxx
> threat-detection rate scanning-threat rate-interval 600 average-rate "no
> idea" burst-rate 30
>
> Well, the burst-rate will be 10sec, so if I set up 30 packets in 10 sec, I
> would get 3packets/sec
>
> Please, any input/thought would be greatly appreciated
>
> --
> Bruno Fagioli (by Jaunty Jackalope)
> Cisco Security Professional
>



-- 
Bruno Fagioli (by Jaunty Jackalope)
Cisco Security Professional
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit 
www.ipexpert.com

Reply via email to