Cisco ASA Series Cli Configuration Manual page 1446

Configuring Scanning Threat Detection
Command
clear threat-detection shun [ip_address
[mask]]
show threat-detection scanning-threat
[attacker | target]
Examples
The following is sample output from the show threat-detection shun command:
hostname# show threat-detection shun
Shunned Host List:
10.1.1.6
192.168.6.7
To release the host at 10.1.1.6, enter the following command:
hostname# clear threat-detection shun 10.1.1.6
The following is sample output from the show threat-detection scanning-threat attacker command:
hostname# show threat-detection scanning-threat attacker
10.1.2.3
10.8.3.6
209.165.200.225
Feature History for Scanning Threat Detection
Table 1-6
Table 1-6 Feature History for Scanning Threat Detection
Feature Name
Scanning threat detection
Shun duration
Cisco ASA Series CLI Configuration Guide
1-18
lists each feature change and the platform release in which it was implemented.
Platform
Releases
8.0(2)
8.0(4)/8.1(2)
Chapter 1
Purpose
Releases a host from being shunned. If you do not
specify an IP address, all hosts are cleared from
the shun list.
Displays hosts that the ASA decides are attackers
(including hosts on the shun list), and displays the
hosts that are the target of an attack. If you do not
enter an option, both attackers and target hosts are
displayed.
Feature Information
Scanning threat detection was introduced.
The following commands were introduced:
threat-detection scanning-threat, threat-detection rate
scanning-threat, show threat-detection scanning-threat,
show threat-detection shun, clear threat-detection shun.
You can now set the shun duration,
The following command was introduced: threat-detection
scanning-threat shun duration.
Configuring Threat Detection