TCPSYN碎片的防御

当你知道是哪一台机器受到攻击： accesslist 103 deny tcp any host 10.0.0.1 established ! Let established sessions run fine accesslist 103 permit tcp any host 10.0.0.1 ! We are just going to rate limit the initial tcp SYN packet, ! as the othe

当你知道是哪一台机器受到攻击：

access−list 103 deny tcp any host 10.0.0.1 established

!−− Let established sessions run fine

access−list 103 permit tcp any host 10.0.0.1

!−− We are just going to rate limit the initial tcp SYN packet, !−− as the other packets in interface

rate−limit input access−group 103 8000 8000 8000 conform−action transmit exceed−action drop

当你不知道哪一台机器或者几台受到攻击

access−list 104 deny tcp any any established

!−− Let established sessions run fine

access−list 104 permit tcp any any

!−− We are just going to rate limit the initial tcp SYN packet, as the other packets !−− in interface

rate−limit input access−group 104 64000 8000 8000 conform−action transmit

exceed−action drop