![background image](http://html.mh-extra.com/html/cisco/sce-1000-and/sce-1000-and_configuration-manual_64496294.webp)
11-10
Cisco SCE 2000 and SCE 1000 Software Configuration Guide
OL-7827-12
Chapter 11 Identifying and Preventing Distributed-Denial-Of-Service Attacks
Configuring Attack Detectors
How to Enable Specific-IP Detection for the TCP Protocol for Port-based Detections Only for
Dual-sided Attacks
Step 1
From the SCE(config if)# prompt, type
attack-filter protocol TCP dest-port specific attack-direction
dual-sided
and press
Enter
.
How to Disable Specific-IP Detection for Protocols Other than TCP, UDP, and ICMP for all Attack
Directions
Step 1
From the SCE(config if)# prompt, type
no attack-filter protocol other
and press
Enter
.
How to Disable Specific-IP Detection for ICMP for Single-sided Attacks Defined by the Source IP
Step 1
From the SCE(config if)# prompt, type
no attack-filter protocol ICMP attack-direction
single-side-source
and press
Enter
.
How to Configure the Default Attack Detector
•
Options, page 11-11
•
How to Define the Default Action and Optionally the Default Thresholds, page 11-11
•
How to Reinstate the System Defaults for a Selected Set of Attack Types, page 11-12
•
How to Reinstate the System Defaults for All Attack Types, page 11-12
Use these commands to configure the values for the default attack detector for the following parameters:
•
Attack handling action
•
Thresholds
•
Subscriber notification
•
Sending an SNMP trap
If a specific attack detector is defined for a particular attack type, it will override the configured default
attack detector.