thanks for your answers. You just took off one of my weakest part of ASAs. I will scratch it out of my list then
On Tue, Oct 12, 2010 at 8:16 PM, Tyson Scott <[email protected]> wrote: > I am not going to answer the question directly but this is a feature of > 8.2. Focus on the version for the test. > > > > Regards, > > > > Tyson Scott - CCIE #13513 R&S, Security, and SP > > Managing Partner / Sr. Instructor - IPexpert, Inc. > > Mailto: [email protected] > > Telephone: +1.810.326.1444, ext. 208 > > Live Assistance, Please visit: www.ipexpert.com/chat > > eFax: +1.810.454.0130 > > > > IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, > Audio Tools, Online Hardware Rental and Classroom Training for the Cisco > CCIE (R&S, Voice, Security & Service Provider) certification(s) with > training locations throughout the United States, Europe, South Asia and > Australia. Be sure to visit our online communities at > www.ipexpert.com/communities and our public website at www.ipexpert.com > > > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Bruno > *Sent:* Tuesday, October 12, 2010 4:03 PM > *To:* CCIE Security Maillist > *Subject:* [OSL | CCIE_Security] Threat-detection > > > > Supposing I am receiving a syn-attack on the ASA's outside interface. The > rate I could see was about 3packets/sec trying to reach any internal > web-server. > How could we build the threat-detection seeking shun the attacker? > > I think we should have: > threat-detection scanning-threat shun duration xxxxx > threat-detection rate scanning-threat rate-interval 600 average-rate "no > idea" burst-rate 30 > > Well, the burst-rate will be 10sec, so if I set up 30 packets in 10 sec, I > would get 3packets/sec > > Please, any input/thought would be greatly appreciated > > -- > Bruno Fagioli (by Jaunty Jackalope) > Cisco Security Professional > -- Bruno Fagioli (by Jaunty Jackalope) Cisco Security Professional
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
