Security-Suite Dos Protect - Cisco 300 Series Cli Manual
Small business 300 series managed switches
command line interface guide release 1.3
Hide thumbs
Also See for 300 Series:
- Cli manual (1117 pages) ,
- Administration manual (586 pages) ,
- Quick start manual (72 pages)
Table of Contents
Advertisement
Denial of Service (DoS) Commands
78-21075-01 Command Line Interface Reference Guide
switchxxxxxx(config-if)#
50.2
security-suite dos protect
Use the security-suite dos protect Global Configuration mode command to
protect the system from specific well-known Denial of Service (DoS) attacks.
There are three types of attacks against which protection can be supplied (see
parameters below).
Use the no form of this command to disable DoS protection.
Syntax
security-suite dos protect
no security-suite dos protect
Parameters
add/remove
attack
—Specifies the attack type to add/remove. To add an attack is
to provide protection against it; to remove the attack is to remove protection.
The possible attack types are:
•
stacheldraht—Discards TCP packets with source TCP port 16660.
•
invasor-trojan—Discards TCP packets with destination TCP port 2140 and
source TCP port 1024.
•
back-orifice-trojan—Discards UDP packets with destination UDP port
31337 and source UDP port 1024.
Default Configuration
No protection is configured.
Command Mode
Global Configuration mode
User Guidelines
For this command to work,
{add attack | remove attack
security-suite enable
}
must be enabled globally.
50
841
Advertisement
Table of Contents
