How To Enable Specific-Ip Detection For The Tcp Protocol For Port-Based Detections Only For Dual-Sided Attacks; How To Disable Specific-Ip Detection For Protocols Other Than Tcp, Udp, And Icmp For All Attack Directions; How To Configure The Default Attack Detector - Cisco SCE2020-4XGBE-SM Configuration Manual

Configuring Attack Detectors
How to Enable Specific-IP Detection for the TCP Protocol for Port-based Detections Only for
Dual-sided Attacks
Step 1 From the SCE(config if)# prompt, type attack-filter protocol TCP dest-port specific attack-direction
dual-sided and press Enter.
How to Disable Specific-IP Detection for Protocols Other than TCP, UDP, and ICMP for all Attack
Directions
From the SCE(config if)# prompt, type no attack-filter protocol other and press Enter.
Step 1
How to Disable Specific-IP Detection for ICMP for Single-sided Attacks Defined by the Source IP
From the SCE(config if)# prompt, type no attack-filter protocol ICMP attack-direction
Step 1
single-side-source and press Enter.

How to Configure the Default Attack Detector

•
•
•
•
Use these commands to configure the values for the default attack detector for the following parameters:
•
•
•
•
If a specific attack detector is defined for a particular attack type, it will override the configured default
attack detector.
Cisco SCE 2000 and SCE 1000 Software Configuration Guide
11-10
Options, page 11-11
How to Define the Default Action and Optionally the Default Thresholds, page 11-11
How to Reinstate the System Defaults for a Selected Set of Attack Types, page 11-12
How to Reinstate the System Defaults for All Attack Types, page 11-12
Attack handling action
Thresholds
Subscriber notification
Sending an SNMP trap
Chapter 11 Identifying and Preventing Distributed-Denial-Of-Service Attacks
OL-7827-12