![background image](http://html.mh-extra.com/html/cisco/sce-1000-and/sce-1000-and_configuration-manual_64496299.webp)
11-15
Cisco SCE 2000 and SCE 1000 Software Configuration Guide
OL-7827-12
Chapter 11 Identifying and Preventing Distributed-Denial-Of-Service Attacks
Configuring Attack Detectors
How to Define the Subscriber Notification Setting for a Specific Attack Detector
Use the following command to set the subscriber notification setting for a given attack detector and
selected set of attack types.
Step 1
From the SCE(config if)# prompt, type
attack-detector
number
protocol (((TCP|UDP) [dest-port
(specific|not- specific|both)])|ICMP|other|all) attack-direction
(single-side-source|single-side-destination|single-side-both|dual-sided|all) side
(subscriber|network|both) (notify-subscriber|don't-notify-subscriber)
and press
Enter
.
Defines the subscriber notification setting for the specified attack detector
How to Define the SNMP Trap Setting for a Specific Attack Detector
Use the following command to enable or disable sending an SNMP trap for a given attack detector and
selected set of attack types.
Step 1
From the SCE(config if)# prompt, type
attack-detector
number
protocol (((TCP|UDP) [dest-port
(specific|not- specific|both)])|ICMP|other|all) attack-direction
(single-side-source|single-side-destination|single-side-both|dual-sided|all) side
(subscriber|network|both) (alarm|no-alarm)
and press
Enter
.
Defines the SNMP trap setting for the specified attack detector.
How to Define the List of Destination Ports for TCP or UDP Protocols for a Specific Attack Detector
Use the following command to define the list of destination ports for specific port detections for TCP or
UDP protocols.
Step 1
From the SCE(config if)# prompt, type
attack-detector
number
TCP-port-list|UDP-port-list
(all|
(
port1
[
port2, port3…
])
and press
Enter
.
Defines the port list for the specified protocol and attack detector.