Maintaining Syn Cookies; Summary Of Syn Cookies Configuration Commands; Managed Security Services (Mss) - Avaya G450 Manual
Administration
Hide thumbs
Also See for G450:
- Cli reference manual (1334 pages) ,
- Installing and upgrading (324 pages) ,
- Install book (190 pages)
Table of Contents
Advertisement
SYN attack notification
When the SYN cookies feature is enabled, the G450 alerts the administrator to a suspected
SYN attack as it occurs by sending the following syslog message:
SYN attack suspected! Number of unanswered SYN requests is greater
than 20 in last 10 seconds
Maintaining SYN cookies
Use the following commands to show and clear SYN cookies statistics:
Enter show tcp syn-cookies to show SYN cookies statistics.
●
Note:
For an example and explanation of SYN cookies statistics, see Avaya G450 CLI
Note:
Reference, 03-602056.
Enter clear tcp syn-cookies counters to clear the SYN cookies counters.
●
Summary of SYN cookies configuration commands
For more information about these commands, see Avaya G450 CLI Reference, 03-300437.
Table 10: Master Configuration Key configuration commands
Command
clear tcp syn-cookies
counters
show tcp syn-cookies
tcp syn-cookies
Managed Security Services (MSS)
Media Gateway IP interfaces and gateway applications such as WAN routers, PoE switches,
and VPN devices can be at risk for DoS attacks. The G450 identifies predefined or
custom-defined traffic patterns as suspected attacks and generates SNMP notifications,
referred to as Managed Security Services (MSS) notifications.
.
Description
Clear the SYN cookies counters
Show SYN cookies statistics for inbound TCP connections
Enable or disable the TCP SYN cookies defense mechanism
against SYN attacks
Special security features
Issue 1 January 2008
71
- Quick Links:
- Basic Configuration
- Configuration Using Cli
Hide quick links:
Advertisement
Table of Contents
