View Single Post
  #5  
Old 10-02-2012, 03:22 PM
VAXman's Avatar
VAXman(Admin) VAXman is offline
progger propellerhead
 
Join Date: Dec 2003
Location: Presently reside in Jackson (southern) NJ (20 miles east of NEARfest 2002 & 2003
Posts: 2,362
Send a message via AIM to VAXman Send a message via Skype™ to VAXman
Re: Recent DDoS Attacks

OK. I believe I have this right. I've enabled some of the Cisco's policing action. The rules I've put in place (using the lowest values the Cisco would allow me) should slow down any would be DNS floods that aren't already dropped with the ACLs I've added.

Code:
class-map match-all DDoS match protocol dns policy-map Throttle-DDoS class DDoS police 8000 1000 1000 conform-action transmit exceed-action drop violate-action drop interface FastEthernet4 description INTERNET service-policy input Throttle-DDoS : :
This SHITE has occupied yet another day of my life, permitting me little time to work on the stuff that inevitably keeps the Guinness flowing.
__________________
VAXman -- Watcher of the moon, watcher of all.
----------------Mopper of the moon, mopper of all.
-------------------- Aural Moon's Janitorial Services
---------------------and Restroom Supplies, and Techno-patsy --

Cogito ergo iMac.         
Reply With Quote