hit counter script

Security-Suite Dos Protect - Cisco 300 Series Cli Manual

Stackable managed switches
Hide thumbs Also See for 300 Series:
Table of Contents

Advertisement

Denial of Service (DoS) Commands
OL-32830-01 Command Line Interface Reference Guide

16.6 security-suite dos protect

To protect the system from specific well-known Denial of Service (DoS) attacks,
use the security-suite dos protect Global Configuration mode command. There
are three types of attacks against which protection can be supplied (see
parameters below).
To disable DoS protection, use the no form of this command.
Syntax
security-suite dos protect
no security-suite dos protect
Parameters
attack
add/remove
—Specifies the attack type to add/remove. To add an attack is
to provide protection against it; to remove the attack is to remove protection.
The possible attack types are:
stacheldraht—Discards TCP packets with source TCP port 16660.
invasor-trojan—Discards TCP packets with destination TCP port 2140 and
source TCP port 1024.
back-orifice-trojan—Discards UDP packets with destination UDP port
31337 and source UDP port 1024.
Default Configuration
No protection is configured.
Command Mode
Global Configuration mode
User Guidelines
For this command to work,
globally.
Example
The following example protects the system from the Invasor Trojan DOS attack.
{add attack | remove attack
show security-suite configuration
16
}
must be enabled
370

Advertisement

Table of Contents
loading

Table of Contents