I dont think it would work, if the attack corresponds to the local network.... rate limiting can do the trick on this one...of the protocol... if the attack comes to the router a rate limit to the protocol in question can mitigate the attack... Either on the interface or the CoPP
Mike From: [email protected] To: [email protected]; [email protected] Date: Tue, 5 Jun 2012 12:59:35 +0000 CC: [email protected] Subject: Re: [OSL | CCIE_Security] Blocking flood attack on an interface how about using the 'ip verify unicast reverse-path' command on the input interface on the router at the upstream end of the connection Regards, Elizabeth Date: Tue, 5 Jun 2012 16:30:43 +0530 From: [email protected] To: [email protected] CC: [email protected] Subject: Re: [OSL | CCIE_Security] Blocking flood attack on an interface Not ACL but some interface command should be the answer. I just saw this question floating... With regards Kings On Tue, Jun 5, 2012 at 2:58 PM, Matt Hill <[email protected]> wrote: Off the top of my head... An ACL with the broadcast address as the destination? (???) Cheers, Matt CCIE #22386 CCSI #31207 On 5 June 2012 18:03, Kingsley Charles <[email protected]> wrote: > Hi all > > How do we block smurf attacks on an interface other than using "no ip > directed-broadcast"? I can't think of any other commands. > > > With regards > Kings > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
