Special security features
Issue 5 June 2008
81
SYN attack notification
When the SYN cookies feature is enabled, the G250/G350 alerts the administrator to a
suspected SYN attack as it occurs by sending the following syslog message:
Maintaining SYN cookies
Use the following commands to show and clear SYN cookies statistics:
●
Enter
show tcp syn-cookies
to show SYN cookies statistics.
Note:
Note:
For an example and explanation of SYN cookies statistics, see
Avaya G250 and
Avaya G350 CLI Reference
, 03-300437.
●
Enter
clear tcp syn-cookies counters
to clear the SYN cookies counters.
Summary of SYN cookies configuration commands
For more information about these commands, see
Avaya G250 and Avaya G350 CLI
Reference
, 03-300437.
Managed Security Services (MSS)
Media Gateway IP interfaces and gateway applications such as WAN routers, PoE switches,
and VPN devices can be at risk for DoS attacks. The G250/G350 identifies predefined or
custom-defined traffic patterns as suspected attacks and generates SNMP notifications,
referred to as Managed Security Services (MSS) notifications.
SYN attack suspected! Number of unanswered SYN requests is greater
than 20 in last 10 seconds
.
Table 13: Master Configuration Key configuration commands
Command
Description
clear tcp syn-cookies
counters
Clear the SYN cookies counters
show tcp syn-cookies
Show SYN cookies statistics for inbound TCP connections
tcp syn-cookies
Enable or disable the TCP SYN cookies defense mechanism
against SYN attacks
Summary of Contents for Media Gateway G250
Page 1: ...Administration for the Avaya G250 and Avaya G350 Media Gateways 03 300436 Issue 5 June 2008 ...
Page 24: ...Contents 24 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Page 32: ...Introduction 32 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Page 38: ...Configuration overview 38 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Page 244: ...Configuring logging 244 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Page 258: ...Configuring VoIP QoS 258 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Page 370: ...Configuring SNMP 370 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Page 548: ...Configuring the router 548 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Page 664: ...Configuring policy 664 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Page 686: ...Setting synchronization 686 Administration for the Avaya G250 and Avaya G350 Media Gateways ...