Ack-Flood Action - HP FlexNetwork MSR Series Command Reference Manual
Comware 7 security
Hide thumbs
Also See for FlexNetwork MSR Series:
- Configuration manual (392 pages) ,
- Configuration manuals (159 pages)
Advertisement
Attack detection and prevention
commands
Commands and descriptions for centralized devices apply to the following routers:
•
MSR1002-4/1003-8S.
•
MSR2003.
•
MSR2004-24/2004-48.
•
MSR3012/3024/3044/3064.
•
MSR954 (JH296A/JH297A/JH298A/JH299A/JH373A).
•
MSR958 (JH300A/JH301A).
Commands and descriptions for distributed devices apply to MSR4060 and MSR4080 routers.
ack-flood action
Use ack-flood action to specify global actions against ACK flood attacks.
Use undo ack-flood action to restore the default.
Syntax
ack-flood action { client-verify | drop | logging } *
undo ack-flood action
Default
No global action is specified for ACK flood attacks.
Views
Attack defense policy view
Predefined user roles
network-admin
Parameters
client-verify: Adds the victim IP addresses to the protected IP list for TCP client verification. If TCP
client verification is enabled, the device provides proxy services for protected servers.
drop: Drops subsequent ACK packets destined for the victim IP addresses.
logging: Enables logging for ACK flood attack events.
Usage guidelines
For the ACK flood attack detection to collaborate with the TCP client verification, make sure the
client-verify keyword is specified and the TCP client verification is enabled. To enable TCP client
verification, use the client-verify tcp enable command.
Examples
# Specify drop as the global action against ACK flood attacks in the attack defense policy
atk-policy-1.
<Sysname> system-view
[Sysname] attack-defense policy atk-policy-1
[Sysname-attack-defense-policy-atk-policy-1] ack-flood action drop
808
Advertisement
