How to find Source IP of DOS attack source
How we can find IP address of DOS Attack source ?
I know DOS attack prevention mechanisms like CAR, CoPP, IP Source Tracker, URPF, Blocking RFC1918 address using ACL, RTBHF, IP options drop (in high end platforms), TCP intercept.
Consider DOS attack is going on here and I know the ip address of target host.
But what I am trying to do is to find source ip of DOS attack and complile acl to block it manually. Kindly let me know how I can figure out those IPs on cisco router.