1753.book Page 660 Thursday July 22 2004 2:20 PM
Short summary:
On a Cisco router use the show processes cpu command to examine the routers CPU ..... Cisco can be used to decipher the exported information. ...
Long summary:
1753.book Thursday July 22 2004 2:20 PMPage 11753.book Thursday July 22 2004 2:20 PMPage 2C H A P T E R17DoS ProtectionOf the three categories of attacksreconnaissance access and denialofservice (DoS)DoS attacks are the easiest to implement yet the hardest to defeat. DoS attacks are based on packet flooding which uses up bandwidth CPU and memory resources on not just the victim device but also intervening devices such as routers switches and firewalls.When you are experiencing a DoS attack one of the first things you need to do is find out the actual kind of DoS attack that is affecting your network. As you will see in the first section of this chapter a variety of options are available to you including examining the CPU utilization of your routers using ACL statements with logging parameters and using NetFlow.When you know the kind of DoS attack directed at your network you can implement an appropriate solution. The remaining sections in this chapter focus on these solutions including TCP Intercept CBAC and rate limiting. Of course you always can use an ACL to block offending traffic; however this might introduce other problems such as the blocking of legitimate traffic. Therefore in many cases you need to use other tools such as the ones discussed in the last half of this chapter to deal with DoS issues.Detecting DoS AttacksA wide variety of DoS attacks can occur. The most common DoS attacks use UDP echos (Fraggle) ICMP echo and echo replies (Smurf) and TCP (TCP SYN flooding). Howeveryou never should assume that the DoS attack that you are experiencing falls under one of these three types: Some do not fall under these categories. Common AttacksOne of the most common DoS attacks is the Smurf attack which I covered in Chapter 7 Basic Access Lists. (Chapter 7 also covered how to use ACLs to deal with the Smurf attack.) In a Smurf attack the attacker sends a flood of ICMP messages to a reflector or sets of reflectors with the source IP address in the ICMP echo ...
Source: searchnetworking.techtarget.com
Search Terms:
Related
Cisco Systems Reusable Information Object Strategy, Cisco Cisco Systems and the Cisco Systems
logo are registered ... Cisco Systems
recognizes a need to move from creating
and delivering large inflexible ...,
more
Cisco Systems Corporate Timeline, found Cisco Systems. The company is named
for San Francisco gateway to the ......
Cisco Systems announces groundbreaking
12000 Terabit System. (Dec 99) ...,
more
Cisco IOS Firewall Intrusion Detection System, Cisco Systems has more than 200 offices in
the following countries and regions.
Addresses phone numbers and fax numbers
are listed on the ...,
more
