Cisco 2924-XL to filter DoS attacks?

[LostinIT]

Hellllo group! I recently purchased some real equipment for my small web hosting company. One of those items is a Cisco 2924-XL 24 port switch. (I have only been using an HP Procurve unmanaged 24 port (2124) up to this point)

I, like many, am very new to deploying a managed switch. I was told that having a managed switch such as this would allow me to get a handle on DoS brute force attacks on my FTP server; is this true?

When I had my FTP server up, I was receiving multiple DoS brute force attacks from multiple Chinese IP addresses; alot of which changed rapidly. Some days, I would receive 7500+ attempts in a span of an hour! I have since had to take my FTP server down...

I have searched Cisco to high heaven to no avail...

Here is what I am currently running:

1) SpeedStream 5200 DSL router (sorry-haven't upgraded this yet; provided by my ISP) Ports are forwarded to appropriate server.
2) Cisco 2924-XL 24 port switch (nothing configured except IP and level 15 password)IOS version 12.0(5.2)XU Enterprise Edition.(No switch clusters, just a standalone)
3) ALL servers running WIndows 2000 Server (all updates and patches applied), dual NICs teamed for fault tolerance.

What I am looking for is some assistance in configuring my Cisco 2924-XL to help filter these attacks so I can once again give my customers FTP access to their websites...

Any assistance would be profoundly appreciated...

 

[BuckWeet]

No that is not true.. A 2924XL is a layer2 only switch, it has no intelligence at all..

You need a layer3/4 capable switch to do anything such as what you're requesting..

I think you're trying to make a network switching/routing device perform functions that a firewall would provide..


BuckWeet