Cisco Systems ASA 5580 Manual De Usuario

The following is sample output from the show threat-detection shun command:

ciscoasa# show threat-detection shun

Shunned Host List:

10.1.1.6

192.168.6.7

To release the host at 10.1.1.6, enter the following command:

ciscoasa# clear threat-detection shun 10.1.1.6

The following is sample output from the show threat-detection scanning-threat attacker command:

ciscoasa# show threat-detection scanning-threat attacker

10.1.2.3

10.8.3.6

209.165.200.225

 lists each feature change and the platform release in which it was implemented.

 [ip_address 

[mask]]

Releases a host from being shunned. If you do not 
specify an IP address, all hosts are cleared from 
the shun list.

[attacker | target]

Displays hosts that the ASA decides are attackers 
(including hosts on the shun list), and displays the 
hosts that are the target of an attack. If you do not 
enter an option, both attackers and target hosts are 
displayed.

Scanning threat detection

8.0(2)

Scanning threat detection was introduced.

The following commands were introduced: 
threat-detection scanning-threat, threat-detection rate 
scanning-threat, show threat-detection scanning-threat, 
show threat-detection shun, clear threat-detection shun.

Shun duration

8.0(4)/8.1(2)

You can now set the shun duration,

The following command was introduced: threat-detection 
scanning-threat shun duration.