Feature history for scanning threat detection – Cisco ASA 5505 User Manual

56-18

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 56 Configuring Threat Detection

Configuring Scanning Threat Detection

Examples

The following is sample output from the show threat-detection shun command:

hostname# show threat-detection shun

Shunned Host List:

10.1.1.6

192.168.6.7

To release the host at 10.1.1.6, enter the following command:

hostname# clear threat-detection shun 10.1.1.6

The following is sample output from the show threat-detection scanning-threat attacker command:

hostname# show threat-detection scanning-threat attacker

10.1.2.3

10.8.3.6

209.165.200.225

Feature History for Scanning Threat Detection

Table 56-6

lists each feature change and the platform release in which it was implemented.

clear threat-detection shun

[ip_address

[mask]]

Releases a host from being shunned. If you do not
specify an IP address, all hosts are cleared from
the shun list.

show threat-detection scanning-threat

[attacker | target]

Displays hosts that the ASA decides are attackers
(including hosts on the shun list), and displays the
hosts that are the target of an attack. If you do not
enter an option, both attackers and target hosts are
displayed.

Command

Purpose

Table 56-6

Feature History for Scanning Threat Detection

Feature Name

Platform
Releases

Feature Information

Scanning threat detection

8.0(2)

Scanning threat detection was introduced.

The following commands were introduced:
threat-detection scanning-threat, threat-detection rate
scanning-threat, show threat-detection scanning-threat,
show threat-detection shun, clear threat-detection shun.

Shun duration

8.0(4)/8.1(2)

You can now set the shun duration,

The following command was introduced: threat-detection
scanning-threat shun duration.