Security CLI Commands
590
2/1553-ZAT 759 94 Uen B – December 2005
19.44
security set IDS portfloodthreshold
19.44.1 Syntax
security set IDS portfloodthreshold <max>
19.44.2 Description
This command allows you to set the maximum number of SYN packets that
can be sent to a single port before a port flood is detected. If the number of
SYN packets counted within the time duration set by the command
security
set IDS floodperiod
is greater than the maximum value set here, the
suspected attacker is blocked for the time limit specified in the command
security set IDS DOSattackblock
.
For example, using the default settings, if more than 10 SYN packets are
received per second for a 10 second duration, the attacker is blocked.
Note:
This CLI command is
case-sensitive
. You must type the command
attributes exactly as they appear in the syntax section of this page. If
you do not use the same case-sensitive syntax, the command fails
and the CLI displays a syntax error message.
19.44.3 Options
The following table gives the range of values for each option which can be
specified with this command and a default value (if applicable).
Option Description
Default
value
max
Maximum number of SYN packets that
can be received by a single port
before a flood is detected.
10 (per second)
19.44.4 Example
-->
security set IDS portfloodthreshold 15
Содержание HM4x0
Страница 1: ...HM4x0 CLI Reference Guide ...
Страница 125: ...DHCP Client CLI Commands 2 1553 ZAT 759 94 Uen B December 2005 125 ID Identifier Suggested Value 1 host name Vancouver ...
Страница 353: ...NAT CLI Commands 2 1553 ZAT 759 94 Uen B December 2005 353 inside the network internal or DMZ ...
Страница 643: ...System CLI Commands 2 1553 ZAT 759 94 Uen B December 2005 643 22 3 5 Example system add login john temporarily ...
Страница 702: ...Ericsson AB Ericsson AB 2005 All Rights Reserved www ericsson com 2 1553 ZAT 759 94 Uen B December 2005 ...