Table of Contents
Advertisement
Left running head:
Chapter name (automatic)
Intrusion Detection System
# we have started to see multiple versions of this beyond 003.003, so
we have
# expanded this signature to take that into account.
alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"POLICY VNC server
response";)
--More--
SHOW FIREWALL INTRUSION SNORT RULE
show firewall intrusion snort rule {category <name> |classtype
<name>| disable{category|classtype|priority|sid}|priority
{high|low|medium}|sid <1-4294967295>...}
D
ESCRIPTION
Use this command to display the contents of a specific snort rule.
P
ARAMETER
category <name>
class-type <name>
disable{category|classtype|
priority|sid}
priority {high|low|medium}
sid <1-4294967295...>
E
XAMPLE
ALU#show firewall intrusion snort rule category dos
alert ip $EXTERNAL_NET any -> $HOME_NET any (msg:"DOS Jolt
attack"; dsize:408; fragbits:M; reference:cve,1999-0345;
classtype:attempted-dos; sid:268; rev:4;)
alert udp $EXTERNAL_NET any -> $HOME_NET any (msg:"DOS Teardrop
attack"; fragbits:M; id:242; reference:bugtraq,124;
reference:cve,1999-0015; reference:nessu)
alert udp any 19 <> any 7 (msg:"DOS UDP echo+chargen bomb";
reference:cve,1999-0103; reference:cve,1999-0635;
classtype:attempted-dos; sid:271; rev:4;)
720
Beta
Parameter
Alcatel-Lucent
Description
Details of the snort rules belonging to a
specified category.
Details of the snort rules belonging to a
specified class type.
Details of the snort rules belonging to a
disabled category, class type, priority
and rule ID.
Details of the snort rules of a specific
priority.
Details of the snort rules of a specific
rule ID.
OmniAccess 700 CLI Command Reference Guide
Beta
Advertisement
Table of Contents
