Application Delivery (ADX)

Reply
New Contributor
Posts: 2
Registered: ‎12-21-2014

DOS attack and source ip address

HI,

 

i am facing issue on ADX to identify the source ip address of attacker. we have two smtp servers and the adx is configured as nat source ip address to real servers.

 

so when the attacker from the lan is doing DOS to the virtual-server. the real server get busy to respond or the services of smtp are down.

 

how do i know the attacker ip address and how do i stop the DOS attack on all servers including ADX1000

 

thanks

Contributor
Posts: 74
Registered: ‎08-18-2011

Re: DOS attack and source ip address

You have following options to protect against attack:
1. You can use syn proxy feature to drop attack packets.
2. You can configure client trl on the vip to rate limit clients.it can also show the clients that are rate limited for new connections.
3. To protect real servers you can also use server max-conn feature.

Hope that helps.
-Mohit
-Mohit Sahni

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.