Cisco SCE 1000 2xGBE User's Guide Page 239

  • Download
  • Add to my manuals
  • Print
  • Page
    / 490
  • Table of contents
  • TROUBLESHOOTING
  • BOOKMARKS
  • Rated. / 5. Based on customer reviews
Page view 238
Chapter 9 Identifying And Preventing Distributed-Denial-Of-Service Attacks
Configuring Attack Detectors
SCE 1000 2xGBE Release 2.0.10 User Guide
OL-7117-02 9-7
[no] attack-filter subscriber-notification ports
no attack-detector <number>
Note
All the above CLI commands are line interface configuration commands. You must enter line interface
configuration mode and see the SCE 1000(config if)# prompt displayed.
Enabling Specific-IP Detection
By default, specific-IP detection is disabled, however the user may enable it.
To disable Specific-IP Detection:
Step 1 From the SCE 1000(config if)# prompt, type no attack-filter and press
Enter.
To enable Specific-IP Detection:
Step 1 From the SCE 1000(config if)# prompt, type attack-filter and press
Enter.
Default Attack Detector
Use these commands to define default thresholds and attack handling action. If a specific attack
detector is defined for a particular situation (protocol/attack direction/side), it will override these
defaults. The default values configured for the default attack detector are:
Default action: Report
Default TCP thresholds:
Concurrently open flows: 10000
DDoS-suspected flows: 2000
Default UDP thresholds:
Concurrently open flows: 10000
DDoS-suspected flows: 5000
Default ICMP/Other flows:
Concurrently open flows: 1000
DDoS-suspected flows: 500
Subscriber notification: Disabled
Page view 238
1 ... 238 239 240 ... 490

Comments to this Manuals

No comments