Application Delivery (ADX)

Reply
Contributor
Posts: 39
Registered: ‎05-04-2009

Is there any way to get a list all "attacker" IPs talking about the SYN-Guard/-Proxy feature at the ServerIron?

One of my customers is using syn-guard/-proxy to get some protection against syn-attacks (syn-flood). They would like to get a list of attacker IPs out of the ServerIron so that they are able to see where they come from and so on. Is this possible?

Super Contributor
Posts: 316
Registered: ‎05-01-2009

Re: Is there any way to get a list all "attacker" IPs talking about the SYN-Guard/-Proxy feature at the ServerIron?

There is no way to get a list of attack ip addresses. SYN-Guard/-Proxy is a feature implemented in ASICs to get the performance required to handle huge attacks. The stuff would have to hit the normal CPUs to create a list of IP addresses which would hit the performance very hard. SYN-Guard is going to keep the status of a connection at the network itself - the ServerIron is not going to allocate any resources for this and it is as well not starting to create a list of IP addresses.

I am sorry for this.

Contributor
Posts: 39
Registered: ‎05-04-2009

Re: Is there any way to get a list all "attacker" IPs talking about the SYN-Guard/-Proxy feature at the ServerIron?

Thanks!

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.