BlackNurse is based on ICMP with Type 3 Code 3 packets.
Type 3 Code 3 packets are "port-unreachable " in ACL.
access-list 101 deny icmp any any port-unreachable
int ve 100
ip access-group 101 in
ip access-group 101 out
In case of an ongoing attack and if the firewall is not properly configured, there will be a spike in CPU load and users from the LAN side may no longer be able to send/receive traffic to/from the Internet.
For best protection, it is recommended that user enable ICMP Flood Protection in Firewall Settings.