Configuring Shunning
Shunning is a term used in the IDS context to describe blocking traffic from an
attacking host; it is configured on the PIX using the following command:
shun
This command temporarily blocks all traffic from the specified source IP
address. To block all traffic from the source IP address 10.0.1.1, use the following
command:
PIX1(config)# shun 10.0.1.1
You can also deny specific traffic from the source IP by specifying a source
port, destination IP address, and destination port number. After the shun command
is entered, the PIX deletes all matching entries from its internal connection
table and drops all further packets that match the command's parameters.
The action of this command takes precedence over access list entries and even security
levels on interfaces; all specified traffic is blocked, whether the offending host
is on the inside or outside of the interface. To remove this blocking
action, use the corresponding no command. For example:
PIX1(config)# no shun 10.0.1.1
This command is dynamic and is not displayed or stored in the configuration.
If you want to view active shuns, use the show shun command. The clear shun
command deletes all shun entries.
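The following is an added example, not Cisco code and not from the original text: a small Python model of the shun semantics described above. It shows a shun matching either on source IP alone or on the full source port / destination IP / destination port tuple, the purge of matching entries from the connection table when the shun is entered, the shun being evaluated before the access-list decision so it wins even when the ACL permits, and removal with the "no" form or a clear. The Flow, Shun and Firewall classes, the acl_permit callback and the sample addresses are all constructed for the illustration; interfaces and security levels are collapsed into the single acl_permit check and are not modelled separately.

```python
from dataclasses import dataclass
from typing import Callable, List, Optional, Set

# Constructed model of the PIX "shun" behaviour described in the text.
# Not Cisco code; names, addresses and structure are assumptions.


@dataclass(frozen=True)
class Flow:
    """A packet, or a connection-table entry, reduced to its 4-tuple."""
    src_ip: str
    dst_ip: str
    sport: int
    dport: int


@dataclass(frozen=True)
class Shun:
    """shun src_ip [dst_ip sport dport]; a None field means 'any'."""
    src_ip: str
    dst_ip: Optional[str] = None
    sport: Optional[int] = None
    dport: Optional[int] = None

    def matches(self, f: Flow) -> bool:
        return (f.src_ip == self.src_ip
                and (self.dst_ip is None or f.dst_ip == self.dst_ip)
                and (self.sport is None or f.sport == self.sport)
                and (self.dport is None or f.dport == self.dport))


class Firewall:
    def __init__(self, acl_permit: Callable[[Flow], bool]):
        # acl_permit stands in for access-list entries and interface
        # security levels; the shun check runs before it.
        self.acl_permit = acl_permit
        self.conn_table: Set[Flow] = set()
        self.shuns: List[Shun] = []

    def shun(self, src_ip: str, dst_ip: Optional[str] = None,
             sport: Optional[int] = None, dport: Optional[int] = None) -> Shun:
        s = Shun(src_ip, dst_ip, sport, dport)
        if s not in self.shuns:
            self.shuns.append(s)
        # Entering the shun deletes matching entries from the connection table.
        self.conn_table = {f for f in self.conn_table if not s.matches(f)}
        return s

    def no_shun(self, src_ip: str, dst_ip: Optional[str] = None,
                sport: Optional[int] = None, dport: Optional[int] = None) -> None:
        target = Shun(src_ip, dst_ip, sport, dport)
        self.shuns = [s for s in self.shuns if s != target]

    def show_shun(self) -> List[Shun]:
        return list(self.shuns)

    def clear_shun(self) -> None:
        self.shuns.clear()

    def forward(self, pkt: Flow) -> bool:
        """True if the packet is passed, False if dropped."""
        # Shun takes precedence over established connections and the ACL.
        if any(s.matches(pkt) for s in self.shuns):
            return False
        if pkt in self.conn_table:
            return True
        if self.acl_permit(pkt):
            self.conn_table.add(pkt)  # new permitted flow becomes an entry
            return True
        return False


def demo() -> dict:
    # Permissive ACL, so any drop below is due to the shun alone.
    fw = Firewall(acl_permit=lambda f: True)
    attacker_http = Flow("10.0.1.1", "192.168.1.10", 40000, 80)
    attacker_ssh = Flow("10.0.1.1", "192.168.1.10", 40001, 22)
    bystander = Flow("10.0.1.2", "192.168.1.10", 40002, 80)
    fw.forward(attacker_http)  # connection established before the shun

    r = {}
    fw.shun("10.0.1.1")  # PIX1(config)# shun 10.0.1.1
    r["purged"] = attacker_http not in fw.conn_table
    r["host_blocked"] = not fw.forward(attacker_http) and not fw.forward(attacker_ssh)
    r["bystander_ok"] = fw.forward(bystander)
    r["active"] = len(fw.show_shun())

    fw.no_shun("10.0.1.1")  # PIX1(config)# no shun 10.0.1.1
    r["restored"] = fw.forward(attacker_http)

    # Narrow shun on the full tuple: only that one flow is blocked.
    fw.shun("10.0.1.1", "192.168.1.10", 40000, 80)
    r["narrow_blocks_http"] = not fw.forward(attacker_http)
    r["narrow_allows_ssh"] = fw.forward(attacker_ssh)
    fw.clear_shun()
    r["cleared"] = fw.show_shun() == [] and fw.forward(attacker_http)
    return r


if __name__ == "__main__":
    print(demo())
```

The order of checks in forward() is the point of the model: a shun is consulted before the connection table and before the ACL, which is what lets it override both an already-established session and a permitting access-list entry.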