2.1.0 0.0.0.255 established
Permits packets with the ACK control bit set to enter the router

Edge(config)#access-list 103 deny ip any any log
Denies all other packets from entering the router, and logs any instance in which this statement was used

Edge(config)#interface fastethernet 0/0
Moves to interface configuration mode

Edge(config-if)#ip access-group 103 in
Takes all access list lines that are defined as being part of group 103 and applies them in an inbound manner
108 Using ACLs to Filter Network Traffic to Mitigate Threats
DoS TCP SYN Attacks: Using TCP Intercept
TCP Intercept is a very effective tool for protecting internal network hosts from external
TCP SYN attacks. TCP Intercept protects internal hosts from SYN flood attacks by
intercepting and validating TCP connection requests before the requests reach the hosts.
Valid connections (those connections established within the configured thresholds) are
passed on to the host. Invalid connection attempts are dropped.
CAUTION: Because TCP Intercept examines every TCP connection attempt, TCP
Intercept can impose a performance burden on your routers. Always test for any
performance problems before using TCP Intercept in a production environment.
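
The following global configuration is an added example, not taken from the original text, showing where the thresholds mentioned above are set and how watch mode differs from intercept mode. It assumes classic IOS 12.x syntax (check the command reference for your release); ACL 110 and the 192.0.2.0/24 server network are placeholder values, and the numeric values shown are the IOS defaults.

```cisco
! Added example: ACL number and addresses are placeholders
! Only TCP connections matching this ACL are handled by TCP Intercept
! (destination = the servers being protected)
access-list 110 permit tcp any 192.0.2.0 0.0.0.255
ip tcp intercept list 110
!
! intercept = router answers the client's SYN itself and only opens the
!             server-side connection once the client completes the handshake
! watch     = router passes the SYN through, observes passively, and resets
!             connections that do not become established in time
ip tcp intercept mode intercept
!
! Watch mode only: seconds a connection may take to reach established state
ip tcp intercept watch-timeout 30
!
! Aggressive behavior begins when half-open connections exceed "high"
! and ends when they fall below "low" (total count and per-minute rate)
ip tcp intercept max-incomplete high 1100
ip tcp intercept max-incomplete low 900
ip tcp intercept one-minute high 1100
ip tcp intercept one-minute low 900
!
! While aggressive, each new connection request evicts one half-open
! connection: the oldest (default) or a random one
ip tcp intercept drop-mode oldest
```

Watch mode imposes less load than intercept mode because the router does not proxy each handshake. `show tcp intercept connections` and `show tcp intercept statistics` display the half-open and established connections being tracked, which helps when testing the performance impact.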