
kinda off topic but



Hi:
For those who understand tcp intercept on Cisco IOS 12 and up:

Can I set up more than one access list, for example:
access-list 120
permit any 207.17.130.5
permit any 207.17.130.6

then set the min and max values just for that list
and then
set up
access-list 121
permit any 208.242.120.5
permit any 207.106.88.99
and set separate values for mins and max(s) for that list

The problem I see is that when using tcp intercept you set thresholds for
when to take action against syn floods, but if you combine lots of systems
into the access-list, it will take action, or the threshold is so high
that normal operation would permit syn flood on one server while not
triggering the change.

suggestions?
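
The threshold problem described in the post, worked through as an added example (not part of the original message, and a model, not IOS behaviour). It assumes one shared count of incomplete connections for the whole list versus a separate count per destination; the load figures and the function names are constructed for illustration.

```python
from collections import Counter

SERVERS = ["207.17.130.5", "207.17.130.6", "208.242.120.5", "207.106.88.99"]

def half_open(events):
    """Count incomplete connections per destination from (kind, dst) events."""
    counts = Counter({s: 0 for s in SERVERS})
    for kind, dst in events:
        if kind == "syn":
            counts[dst] += 1          # handshake started, not yet completed
        elif kind == "ack" and counts[dst] > 0:
            counts[dst] -= 1          # handshake completed
    return counts

# Constructed snapshots, not measurements.
# Busy but legitimate: every server has 100 handshakes in flight.
BUSY_NORMAL = [("syn", s) for s in SERVERS for _ in range(100)]
# Quiet period with a flood: 300 SYNs to one server never complete,
# the other three each have 20 legitimate handshakes in flight.
QUIET_FLOOD = ([("syn", "207.17.130.6")] * 300 +
               [("syn", s) for s in SERVERS if s != "207.17.130.6"
                for _ in range(20)])

def aggregate(counts):
    return sum(counts.values())       # one shared counter for the whole list

def busiest_host(counts):
    return max(counts.values())       # separate counter per destination

def workable_thresholds(normal, attack, metric):
    """Thresholds T that stay quiet on normal (value <= T) and alarm on
    attack (value > T). The range is empty when no such T exists."""
    return range(metric(half_open(normal)), metric(half_open(attack)))

if __name__ == "__main__":
    agg = workable_thresholds(BUSY_NORMAL, QUIET_FLOOD, aggregate)
    per = workable_thresholds(BUSY_NORMAL, QUIET_FLOOD, busiest_host)
    print("shared counter: normal", aggregate(half_open(BUSY_NORMAL)),
          "flood", aggregate(half_open(QUIET_FLOOD)),
          "usable thresholds:", len(agg))
    print("per-host counter: usable thresholds", per.start, "to", per.stop - 1)
```

With these figures the flood total is lower than the legitimate busy total, so no single shared threshold separates the two cases, while a per-destination threshold does.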


