Configure Shunning on the PIX Security Appliance
Example of shunning an attacker

In Figure , host 172.26.26.45 has been attempting a DNS zone transfer from host 192.168.0.10 using a source port other than the well-known DNS port of TCP 53. The offending host (172.26.26.45) has established a TCP connection with the victim (192.168.0.10).

The connection in the PIX Security Appliance connection table reads as follows:

172.26.26.45, 4000 → 10.0.0.11 PROT TCP

If the shun command is applied as shown in Figure , the PIX Security Appliance deletes the connection from its connection table and prevents packets from 172.26.26.45 from reaching the inside host.
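
The following command sequence is an added example, not part of the original page or its figure. It walks through applying, verifying and removing the shun for this connection. The addresses and source port 4000 come from the text above; destination port 53 is an assumption, because the connection-table entry does not show it.

```cisco
! Block 172.26.26.45 and delete the matching connection.
! Arguments: source IP, destination IP, source port, destination port, protocol.
! Destination port 53 is assumed (DNS zone transfer); it is not in the table entry above.
shun 172.26.26.45 192.168.0.10 4000 53 tcp

! Confirm that the shun is active, then view the shun counters.
show shun
show shun statistics

! Remove the block once the source no longer needs to be shunned.
no shun 172.26.26.45
```

A shun is applied dynamically and is not displayed in the appliance configuration, so `show shun` is the place to check for active blocks.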