attacco DoS
Inviato: ven 22 feb , 2013 9:42 am
Ciao a tutti, sto subendo un attacco Mostruoso sul router Cisco.
La banda in Download è praticamente saturata e sulla lan ho staccato tutto,ma il disastro continua!La banda in download è costante e satura ma la configurazione del mio Cisco è un COLABRODO! anche se riesco ancora a ragiungerlo da remoto.
Io ho fatto solo un access list per uscire fuori in nat e per raggiungerlo da remoto dal mio IP.
Dietro c'è un firewall che protegge la rete interna ma il problema è che l' attacco mi satura il cisco!!
HELP PLEASE
version 11.2
no service finger
service nagle
no service pad
service password-encryption
no service udp-small-servers
no service tcp-small-servers
!
hostname Router
enable secret 5 $1$NF70$EkGvUFFFXXXXXXXXeiNjiW8zhYXHJBdGI1
!
no ip source-route
ip nat inside source list 1 interface Serial0/0.1 overload
ip nat inside source list 101 interface Serial0/0.1 overload
ip nat inside source static tcp 192.168.250.2 22 77.XX.XX.XX 22 extendable
ip nat inside source static tcp 192.168.250.2 80 77.XX.XX.XX 80 extendable
ip tcp window-size 2144
ip tcp synwait-time 10
no ip bootp server
ip name-server XX.XX.XX.1
ip name-server XX.XX.XX.2
!
interface Ethernet0/0
ip address 192.168.250.1 255.255.255.0
ip nat inside
no logging event subif-link-status
ntp broadcast
no cdp enable
!
interface Serial0/0
no ip address
encapsulation frame-relay IETF
no logging event subif-link-status
bandwidth 1024
ntp disable
no fair-queue
!
interface Serial0/0.1 point-to-point
ip address 77.XX.XX.XX 255.255.255.252
ip nat outside
no arp frame-relay
no cdp enable
frame-relay interface-dlci 20 IETF
!
interface TokenRing0/0
no ip address
no logging event subif-link-status
shutdown
ring-speed 16
no cdp enable
!
ip classless
ip route 0.0.0.0 0.0.0.0 77.XX.XX.XX
access-list 1 permit 192.168.250.0 0.0.0.255
access-list 2 permit 67.XX.XX.XX 0.0.0.255
access-list 2 permit 57.XX.XX.XX 0.0.0.255
no cdp run
!
line con 0
password 7 070B29424Dcc0E1F1141
transport output none
line aux 0
no exec
line vty 0 4
access-class 2 in
password 7 082F45195Dcc14044042
login
!
ntp authentication-key 10 md5 05cccc05121F2A4957 7
ntp authenticate
ntp trusted-key 10
ntp server 172.X.X.X key 10
end
La banda in Download è praticamente saturata e sulla lan ho staccato tutto,ma il disastro continua!La banda in download è costante e satura ma la configurazione del mio Cisco è un COLABRODO! anche se riesco ancora a ragiungerlo da remoto.
Io ho fatto solo un access list per uscire fuori in nat e per raggiungerlo da remoto dal mio IP.
Dietro c'è un firewall che protegge la rete interna ma il problema è che l' attacco mi satura il cisco!!
HELP PLEASE
version 11.2
no service finger
service nagle
no service pad
service password-encryption
no service udp-small-servers
no service tcp-small-servers
!
hostname Router
enable secret 5 $1$NF70$EkGvUFFFXXXXXXXXeiNjiW8zhYXHJBdGI1
!
no ip source-route
ip nat inside source list 1 interface Serial0/0.1 overload
ip nat inside source list 101 interface Serial0/0.1 overload
ip nat inside source static tcp 192.168.250.2 22 77.XX.XX.XX 22 extendable
ip nat inside source static tcp 192.168.250.2 80 77.XX.XX.XX 80 extendable
ip tcp window-size 2144
ip tcp synwait-time 10
no ip bootp server
ip name-server XX.XX.XX.1
ip name-server XX.XX.XX.2
!
interface Ethernet0/0
ip address 192.168.250.1 255.255.255.0
ip nat inside
no logging event subif-link-status
ntp broadcast
no cdp enable
!
interface Serial0/0
no ip address
encapsulation frame-relay IETF
no logging event subif-link-status
bandwidth 1024
ntp disable
no fair-queue
!
interface Serial0/0.1 point-to-point
ip address 77.XX.XX.XX 255.255.255.252
ip nat outside
no arp frame-relay
no cdp enable
frame-relay interface-dlci 20 IETF
!
interface TokenRing0/0
no ip address
no logging event subif-link-status
shutdown
ring-speed 16
no cdp enable
!
ip classless
ip route 0.0.0.0 0.0.0.0 77.XX.XX.XX
access-list 1 permit 192.168.250.0 0.0.0.255
access-list 2 permit 67.XX.XX.XX 0.0.0.255
access-list 2 permit 57.XX.XX.XX 0.0.0.255
no cdp run
!
line con 0
password 7 070B29424Dcc0E1F1141
transport output none
line aux 0
no exec
line vty 0 4
access-class 2 in
password 7 082F45195Dcc14044042
login
!
ntp authentication-key 10 md5 05cccc05121F2A4957 7
ntp authenticate
ntp trusted-key 10
ntp server 172.X.X.X key 10
end