HP 6600 Security Configuration Manual page 505

Figure 240 Network diagram (hosts shown: Host A, Host C)
Configuration procedure
# Configure IP addresses for interfaces. (Details not shown.)
# Enable the blacklist function.
<Router> system-view
[Router] blacklist enable
# Create attack protection policy 1.
[Router] attack-defense policy 1
# Enable Smurf attack protection.
[Router-attack-defense-policy-1] signature-detect smurf enable
# Enable scanning attack protection.
[Router-attack-defense-policy-1] defense scan enable
# Set the connection rate threshold that triggers scanning attack protection to 4500 connections per second.
[Router-attack-defense-policy-1] defense scan max-rate 4500
# Enable the blacklist function for scanning attack protection.
[Router-attack-defense-policy-1] defense scan add-to-blacklist
[Router-attack-defense-policy-1] quit
# Apply policy 1 to GigabitEthernet 3/0/2.
[Router] interface gigabitethernet 3/0/2
[Router-GigabitEthernet3/0/2] attack-defense apply policy 1
[Router-GigabitEthernet3/0/2] quit
# Create attack protection policy 2.
[Router] attack-defense policy 2
# Enable SYN flood attack protection.
[Router-attack-defense-policy-2] defense syn-flood enable
# Configure SYN flood attack protection for the internal server 10.1.1.2 and set the action threshold to 5000 and silence threshold to 1000.
[Router-attack-defense-policy-2] defense syn-flood ip 10.1.1.2 rate-threshold high 5000 low 1000
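The following Python check is an added example, not part of the HP manual. It audits a transcript of the commands shown on this page for three dependencies the procedure relies on: each policy is applied to an interface, `defense scan add-to-blacklist` is backed by the global `blacklist enable`, and the action threshold is above the silence threshold. The function name `audit`, the constructed `PAGE_CONFIG` transcript, and the threshold rule are assumptions; in the commands shown up to this point, policy 2 has no apply command yet, so the check reports it.

```python
import re

# Constructed transcript: the commands shown on this page, prompts stripped.
PAGE_CONFIG = """\
blacklist enable
attack-defense policy 1
 signature-detect smurf enable
 defense scan enable
 defense scan max-rate 4500
 defense scan add-to-blacklist
interface gigabitethernet 3/0/2
 attack-defense apply policy 1
attack-defense policy 2
 defense syn-flood enable
 defense syn-flood ip 10.1.1.2 rate-threshold high 5000 low 1000
"""

def audit(config):
    """Return findings for an attack-defense command transcript (hypothetical checks)."""
    lines = [l.strip() for l in config.splitlines() if l.strip()]
    blacklist_on = "blacklist enable" in lines
    defined, applied, findings, current = {}, set(), [], None
    for line in lines:
        if m := re.fullmatch(r"attack-defense policy (\d+)", line):
            current = m.group(1)              # entering policy view
            defined.setdefault(current, [])
        elif m := re.fullmatch(r"attack-defense apply policy (\d+)", line):
            applied.add(m.group(1))           # issued in interface view
        elif line.startswith("interface ") or line == "quit":
            current = None                    # left policy view
        elif current is not None:
            defined[current].append(line)
    for pol, cmds in defined.items():
        if pol not in applied:
            findings.append(f"policy {pol}: not applied to any interface")
        if "defense scan add-to-blacklist" in cmds and not blacklist_on:
            findings.append(f"policy {pol}: add-to-blacklist without 'blacklist enable'")
        for cmd in cmds:
            t = re.search(r"rate-threshold high (\d+) low (\d+)", cmd)
            # Assumed sanity rule: action (high) must exceed silence (low).
            if t and int(t.group(1)) <= int(t.group(2)):
                findings.append(f"policy {pol}: action threshold not above silence threshold")
    for pol in sorted(applied - set(defined)):
        findings.append(f"policy {pol}: applied but not defined")
    return findings

if __name__ == "__main__":
    for finding in audit(PAGE_CONFIG) or ["no findings"]:
        print(finding)
```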
[Figure 240 labels: Host B; Router interfaces GE3/0/1 192.168.1.1/16, GE3/0/2 202.1.0.1/16 (Internet), GE3/0/3 10.1.1.1/24; Server 10.1.1.2/24; Attacker Host D 5.5.5.5/24]

This manual is also suitable for:

Hsr6600