Parvez,
Is there any router between the FW and the PC... then you can use FPM http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6723/product_data_sheet0900aecd8034bd93.html http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6723/prod_white_paper0900aecd80633b0a.pdf You will need to figure about packet details coming out from the PC to configure this. Regards, FNK On Sun, Nov 20, 2011 at 9:30 PM, parvez ahmad <[email protected]>wrote: > PC is sending packet to multiple destination IPs(online zombies). > > Regards, > Parvez > > > On Mon, Nov 21, 2011 at 1:29 AM, FNK <[email protected]> wrote: > >> Is there any layer 3 or router between the firewall and pc? If yes then >> put a null route for the destination of the syn flood on the router. The >> Packet will never reach the firewall >> >> >> FNK >> Sent from an iPhone >> >> >> On Nov 20, 2011, at 12:24, parvez ahmad <[email protected]> wrote: >> >> > Hi All, >> > >> > We have host that is compromised by worm. That PC is sending >> significant amount of traffic towards the firewall(Syn Flood). Most of the >> packets are denied by firewall. But it is consuming CPU and Memory of the >> firewall. Due the dependence of the vendor we can't disconnect the PC from >> the network. >> > >> > In this case i want my firewall to stable, In other words that firewall >> will not process any packet that is coming from that PC. >> > >> > There is only one way to achieve this task by using command Shun(IP >> address of PC). or there is any other way as well. >> > >> > Thanks in advance. >> > >> > Regards, >> > Parvez >> > _______________________________________________ >> > For more information regarding industry leading CCIE Lab training, >> please visit www.ipexpert.com >> > >> > Are you a CCNP or CCIE and looking for a job? Check out >> www.PlatinumPlacement.com >> > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
