Syn-Ack-Flood Detect Non-Specific; Syn-Ack-Flood Threshold - H3C MSR Series Command Reference Manual
Comware 7 security
Hide thumbs
Also See for MSR Series:
- Command reference manual (174 pages) ,
- Configuration manual (80 pages) ,
- Manual (33 pages)
Table of Contents
Advertisement
syn-ack-flood detect non-specific
Use syn-ack-flood detect non-specific to enable global SYN-ACK flood attack detection.
Use undo syn-ack-flood detect non-specific to disable global SYN-ACK flood attack detection.
Syntax
syn-ack-flood detect non-specific
undo syn-ack-flood detect non-specific
Default
Global SYN-ACK flood attack detection is disabled.
Views
Attack defense policy view
Predefined user roles
network-admin
Usage guidelines
The global SYN-ACK flood attack detection applies to all IP addresses except for those specified by
the syn-ack-flood detect command. The global detection uses the global trigger threshold set by
the syn-ack-flood threshold command and global actions specified by the syn-ack-flood action
command.
Examples
# Enable global SYN-ACK flood attack detection in the attack defense policy atk-policy-1.
<Sysname> system-view
[Sysname] attack-defense policy atk-policy-1
[Sysname-attack-defense-policy-atk-policy-1] syn-ack-flood detect non-specific
Related commands
syn-ack-flood action
syn-ack-flood detect
syn-ack-flood threshold
syn-ack-flood threshold
Use syn-ack-flood threshold to set the global threshold for triggering SYN-ACK flood attack
prevention.
Use undo syn-ack-flood threshold to restore the default.
Syntax
syn-ack-flood threshold threshold-value
undo syn-ack-flood threshold
Default
The global threshold is 1000 for triggering SYN-ACK flood attack prevention.
Views
Attack defense policy view
1083
Advertisement
Table of Contents
