H3C MSR Series Command Reference Manual page 1021
Comware 7 security
Hide thumbs
Also See for MSR Series:
- Command reference manual (174 pages) ,
- Configuration manual (80 pages) ,
- Manual (33 pages)
Table of Contents
Advertisement
Field
Actions
Signature attack defense
configuration
Signature name
Defense
Level
Actions
Scan attack defense
configuration
Defense
Level
Actions
Flood attack defense
configuration
Flood type
Global thres (pps)
Global actions
Description
Attack prevention actions:
•
CV—Client verification.
•
BS—Blocking sources.
•
L—Logging.
•
D—Dropping packets.
•
N—No action.
Configuration information about single-packet attack detection and
prevention.
Type of the single-packet attack.
Whether single-packet attack detection is enabled.
Level of the single-packet attack, info, low, medium, or high.
Currently, no high-level single-packet attacks exist.
Prevention actions against the single-packet attack:
•
L—Logging.
•
D—Dropping packets.
•
N—No action.
Configuration information about scanning attack detection and prevention.
Whether scanning attack detection is enabled.
Level of the scanning attack detection, low, medium, or high.
Prevention actions against the scanning attack:
•
BS—Blocking sources.
•
D—Dropping packets.
•
L—Logging.
Configuration information about flood attack detection and prevention.
Type of the flood attack:
•
ACK flood.
•
DNS flood.
•
FIN flood.
•
ICMP flood.
•
ICMPv6 flood.
•
SYN flood.
•
SYN-ACK flood.
•
UDP flood.
•
RST flood.
•
HTTP flood.
Global threshold for triggering the flood attack prevention, in units of
packets sent to an IP address per second. The default is 1000 pps.
Global prevention actions against the flood attack:
•
D—Dropping packets.
•
L—Logging.
•
CV—Client verification.
•
-—Not configured.
998
Advertisement
Table of Contents
