![background image](http://html.mh-extra.com/html/cisco/sce-1000-and/sce-1000-and_configuration-manual_64496296.webp)
11-12
Cisco SCE 2000 and SCE 1000 Software Configuration Guide
OL-7827-12
Chapter 11 Identifying and Preventing Distributed-Denial-Of-Service Attacks
Configuring Attack Detectors
Step 1
From the SCE(config if)# prompt, type
attack-detector default protocol (((TCP|UDP) [dest-port
(specific|not- specific|both)]) |ICMP|other|all) attack-direction
(single-side-source|single-side-destination|single-side-both|dual-sided|all) side
(subscriber|network|both) [action (report|block)] [open-flows-rate
number
suspected-flows-rate
rate
suspected-flows-ratio
ratio
]
and press
Enter
.
Configures the default attack detector for the defined attack type.
Step 2
From the SCE(config if)# prompt, type
a
ttack-detector default protocol (((TCP|UDP) [dest-port
(specific|not- specific|both)])|ICMP|other|all) attack-direction
(single-side-source|single-side-destination|single-side-both|dual-sided|all) side
(subscriber|network|both) (notify-subscriber|don't-notify-subscriber)
and press
Enter
.
Enables or disables subscriber notification by default for the defined attack type.
The attack type must be defined the same as in Step 1.
Step 3
From the SCE(config if)# prompt, type
attack-detector default protocol (((TCP|UDP) [dest-port
(specific|not- specific|both)]) |ICMP|other|all) attack-direction
(single-side-source|single-side-destination|single-side-both|dual-sided|all) side
(subscriber|network|both) (alarm|no-alarm)
and press
Enter
.
Enables or disables sending an SNMP trap by default for the defined attack type.
The attack type must be defined the same as in Step 1.
How to Reinstate the System Defaults for a Selected Set of Attack Types
Use the following command to delete user-defined default values for action, thresholds, subscriber
notification, and sending an SNMP trap for a selected set of attack types, and reinstate the system
defaults.
Step 1
From the SCE(config if)# prompt, type
default attack-detector default protocol (((TCP|UDP)
[dest-port (specific|not- specific|both)])|ICMP|other|all) attack-direction
(single-side-source|single-side-destination|single-side-both|dual-sided|all) side
(subscriber|network|both)
and press
Enter
.
Reinstates the system defaults for the defined attack types.
How to Reinstate the System Defaults for All Attack Types
Step 1
From the SCE(config if)# prompt, type
default attack-detector default
and press
Enter
.
Reinstates the system defaults for the defined attack types.