11-26
Cisco SCE 2000 and SCE 1000 Software Configuration Guide
OL-7827-12
Chapter 11 Identifying and Preventing Distributed-Denial-Of-Service Attacks
Monitoring Attack Filtering
other |net.|source-only||Report| 500| 250|50 |No |No
other |net.|dest-only ||Report| 500| 250|50 |No |No
other |sub.|source-only||Report| 500| 250|50 |No |No
other |sub.|dest-only ||Report| 500| 250|50 |No |No
SCE#>
How to display all attack detector configurations
Step 1
From the SCE> prompt, type
show interface linecard 0 attack-detector all
and press
Enter
.
How to display filter state (enabled or disabled)
Step 1
From the SCE> prompt, type
show interface linecard 0 attack-filter
and press
Enter
.
Example
SCE>show interface LineCard 0 attack-filter
Enabled state :
------------------
Protocol |Direction |State
----------|------------|------------
TCP |source-only |enabled
TCP |dest-only |enabled
TCP |dest+source |enabled
TCP+port |source-only |enabled
TCP+port |dest-only |enabled
TCP+port |dest+source |enabled
UDP |source-only |enabled
UDP |dest-only |enabled
UDP |dest+source |enabled
UDP+port |source-only |enabled
UDP+port |dest-only |enabled
UDP+port |dest+source |enabled
ICMP |source-only |enabled
ICMP |dest-only |enabled
other |source-only |enabled
other |dest-only |enabled
SCE#>
How to display configured threshold values and actions
Use this command to display the configured threshold values and actions a specified IP address (and
port), taking into account the various specific attack detector access list configurations
•
Options, page 11-27
•
Example 1, page 11-27