Dear all!
i'm testing fuction IPS of ASG,
---[ISP]----[ASG]---[Mailserver]
i use software "DosHttp" to attack Webserver. ASG log it, but don't drop.
"2009:11:18-04:52:20 MS-ASTARO ulogd[3984]: id="2103" severity="info" sys="SecureNet" sub="ips" name="SYN flood detected" action="SYN flood" fwrule="60012" seq="0" initf="eth1" outitf="unknown" dstmac="00:1a:8c:19:0f:81" srcmac="00:00:00:00:00:00" srcip="192.168.1.31" dstip="192.168.0.3" proto="6" length="48" tos="0x00" prec="0x00" ttl="128" srcport="2685" dstport="80" tcpflags="SYN"
Why? please help me?
This thread was automatically locked due to age.
