Hi, What about denying this host in inbound ACL on Inside interface? Another option would be setting embryonic connections to 0 for that host.
Regards, Piotr 2011/11/20 parvez ahmad <[email protected]> > Hi All, > > We have host that is compromised by worm. That PC is sending significant > amount of traffic towards the firewall(Syn Flood). Most of the packets are > denied by firewall. But it is consuming CPU and Memory of the firewall. Due > the dependence of the vendor we can't disconnect the PC from the network. > > In this case i want my firewall to stable, In other words that firewall > will not process any packet that is coming from that PC. > > There is only one way to achieve this task by using command Shun(IP > address of PC). or there is any other way as well. > > Thanks in advance. > > Regards, > Parvez > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
