Cisco ASA URL Filtering/Blacklisting using Botnet Traffic Filter

Here are some useful show commands to troubleshoot or view statistics

show dynamic-filter data

dynamic-filter database find 

show dynamic-filter reports top botnet-sites

show dynamic-filter reports top infected-hosts

show dynamic-filter reports top botnet-ports
clear dynamic-filter statistics

The dynamic filter statistics can be cleared at any time with this command. To clear the statistics for a certain interface use the optional interface nameif keyword for the command.

clear dynamic-filter reports top [botnet-sites | botnet-ports | infected-hosts]

This command will reset all statistics back to 0 and remove all entries from the reports.

clear dynamic-filter dns-snoop

This command deletes all of the entries from the DNSRC. DNS reverse Cache Information.

Related Posts with Thumbnails

About the Author

Alfred Tong
Author and owner of this blog. A Networking enthusiast, full time networking and systems Engineer. Generally curious about all things IT.Certifications: GIAC GSEC, CCNP-S, CCNP, CCSP, CCDP, CCNA, RHCE, JNCIA - FWV