Cisco Cisco ASA 5580 Adaptive Security Appliance Leaflet

Page of 1214
 
3-16
思科 ASA 系列命令参考,命令
 
 3       show as-path-access-list  show auto-update 命令
  show asp drop
    This counter is incremented when the security appliance receives a TCP packet whose 
size is smaller than minimum-allowed header length or does not conform to the received 
packet length.
Recommendation:
    The invalid packet could be a bogus packet being sent by an attacker.
Investigate the traffic from source in the following syslog.
Syslogs:
    500003.
----------------------------------------------------------------
Name: invalid-udp-length
Invalid UDP Length:
    This counter is incremented when the security appliance receives a UDP packet whose 
size as calculated from the fields in header is different from the measured size of packet 
as received from the network.
Recommendation:
    The invalid packet could be a bogus packet being sent by an attacker.
Syslogs:
    None.
----------------------------------------------------------------
Name: no-adjacency
No valid adjacency:
    This counter is incremented when the security appliance has tried to obtain an 
adjacency and could not obtain mac-address for next hop.The packet is dropped.
Recommendation:
    Configure a capture for this drop reason and check if a host with specified 
destination address exists on connected network or is routable from the device.
Syslogs:
   None.
----------------------------------------------------------------
Name: unexpected-packet
Unexpected packet:
    This counter is incremented when the appliance in transparent mode receives a non-IP 
packet, destined to its MAC address, but there is no corresponding service running on the 
appliance to process the packet.
Recommendation:
    Verify if the appliance is under attack.If there are no suspicious packets, or the 
device is not in transparent mode, this counter is most likely being incremented due to a 
software error.Attempt to capture the traffic that is causing the counter to increment and 
contact the Cisco TAC.
Syslogs:
    None
----------------------------------------------------------------
Name: no-route
No route to host:
    This counter is incremented when the security appliance tries to send a packet out of 
an interface and does not find a route for it in routing table.