cisco FireWall Log ( is it normal for this amount of attacks )

Discussion in 'other firewalls' started by canadacode, Jan 26, 2015.

  1. canadacode

    canadacode Registered Member

    Joined:
    Jan 26, 2015
    Posts:
    1
    today already at 95- tcp or udp port scans, few lan-side floods and a few . 1 ip fragmented packet... is this normal, some days it alot higher,
     
  2. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    I'd need to look at the lots, a lot of these could be false hits.

    However, depending on company size/profile, configuration of the UTM, and other factors - it's not abnormal. My home network routinely repulses between 10,000-20,000 attacks, injections, and scans a week. It depends on what device I use, if I swap to a ZyXEL USG210, the number rises significantly because it hits on almost everything. Untangle isn't chatty, but still protective, but Untangle doesn't bother you with 'stuff' that doesn't find a point of attack or vector, so it appears quiet, when in reality it's saving you headaches/worry. Ciscos can be very chatty, Fortigate's tend to not be chatty, and if they hit you know it's a precise attack with IPS Sig.
     
Loading...