IP
4 S
A
C
V
OFTWARE
CCESS
ONTROL
DOS
dos
Overview
Use this command to configure Denial-of-Service (DoS) features for a port. Six
different DoS attacks can be detected: IP Options, Land, Ping-of-Death, Smurf,
Synflood and Teardrop.
When the attack is detected, three different actions are available:
•
•
•
dos {ipoptions|land|ping-of-death|smurf broadcast
Syntax
<ip-address>|synflood|teardrop} action {shutdown|trap|mirror}
Mode
Interface Configuration for a switch port interface.
Default
DoS attack detection is not configured by default on any switch port interface.
Usage
See the below table for more information about the DoS attacks recognized by this
command:
C613-50170-01 Rev B
L
(ACL) C
IST
OMMANDS
Shutdown the port for one minute
Cause an SNMP trap.
Send traffic to the mirror port
Parameter
Description
dos
Denial-Of-Service.
ipoptions
IP Options attack.
land
Land attack.
ping-of-death
Large ping attack.
smurf
Ping to broadcast address.
broadcast
Broadcast.
<ip-address>
Local IP Broadcast Address.
synflood
SYN flood attack.
teardrop
IP fragmentation attack.
action
Action.
shutdown
Shutdown port.
trap
Trap to SNMP.
mirror
Send packets to mirror port.
Command Reference for x510 Series
AlliedWare Plus™ Operating System - Version 5.4.7-1.x
1548