
Security-Suite Syn Protection Mode - Cisco 300 Series Cli Manual

Small business 300 series managed switches command line interface guide release 1.3

Denial of Service (DoS) Commands
78-21075-01 Command Line Interface Reference Guide

50.10 security-suite syn protection mode

Use the security-suite syn protection mode Global Configuration mode command
to set the TCP SYN protection mode.
Use the no form of this command to set the TCP SYN protection mode to default.
Syntax
security-suite syn protection mode {disabled | report | block}
no security-suite syn protection mode
Parameters
disabled—The feature is disabled.
report—The feature reports about TCP SYN traffic per port (including
rate-limited SYSLOG messages when an attack is identified).
block – the TCP SYN traffic from attacking ports destined to the local
system is blocked, and a rate-limited SYSLOG message (one per minute) is
generated.
Default Configuration
The default mode is block.
Command Mode
Global Configuration mode
User Guidelines
On ports in which an ACL is defined, this feature cannot block TCP SYN packets. If
the protection mode is block, but SYN traffic cannot be blocked, a relevant
SYSLOG message is created, e.g.: "port gi1 is under TCP SYN attack. TCP SYN
traffic cannot be blocked on this port since the port is bound to an ACL."
Examples
Example 1—The following example sets the TCP SYN protection feature to report
TCP SYN attack on ports in case an attack is identified from these ports.
switchxxxxxx(config)# security-suite syn protection mode report
...
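The following is an added example, not part of the Cisco guide: it scans collected syslog text for the message quoted under User Guidelines and lists the ports where block mode could not drop SYN traffic because the port is bound to an ACL. The timestamp and hostname prefix of the sample lines, the unrelated sample line, and the function name unblockable_ports are assumptions; all sample lines are constructed.

```python
import re

# Message wording as quoted in the User Guidelines; only the port name varies.
# \s+ tolerates collectors that re-wrap or pad the message.
UNBLOCKABLE = re.compile(
    r"port\s+(?P<port>\S+)\s+is\s+under\s+TCP\s+SYN\s+attack\.\s+"
    r"TCP\s+SYN\s+traffic\s+cannot\s+be\s+blocked\s+on\s+this\s+port\s+"
    r"since\s+the\s+port\s+is\s+bound\s+to\s+an\s+ACL\.",
    re.IGNORECASE,
)

# Constructed sample input: the timestamp/host prefix and the "link up" line
# are invented for illustration and were not captured from a switch.
_MSG = ("port {p} is under TCP SYN attack. TCP SYN traffic cannot be "
        "blocked on this port since the port is bound to an ACL.")
SAMPLE_LOG = "\n".join([
    "2012-01-01T05:29:46Z sw1 " + _MSG.format(p="gi1"),
    "2012-01-01T05:30:46Z sw1 " + _MSG.format(p="gi1"),
    "2012-01-01T05:31:02Z sw1 " + _MSG.format(p="gi7"),
    "2012-01-01T05:31:10Z sw1 link up on port gi3",
])


def unblockable_ports(lines):
    """Return {port: alert_count} for ports where block mode could not block."""
    hits = {}
    for line in lines:
        match = UNBLOCKABLE.search(line)
        if match:
            port = match.group("port")
            hits[port] = hits.get(port, 0) + 1
    return hits


if __name__ == "__main__":
    for port, count in sorted(unblockable_ports(SAMPLE_LOG.splitlines()).items()):
        # Alerts are rate-limited, so the count understates the SYN volume.
        print(f"{port}: {count} alert(s); SYN traffic not blocked, "
              "review the ACL bound to this port")
```

Because the switch rate-limits these messages, a single hit is enough to treat the port as unprotected by block mode.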