Configuring Attack Detectors
How to Delete User-Defined Values
Use the following command to remove settings of action, thresholds, subscriber notification, and
sending an SNMP trap for a specific attack detector and selected set of attack types.
Removing these settings for a given attack type restores them to the default 'not configured' state, which
means that the attack detector does not take part in determining the response for attacks of this attack
type.
From the SCE(config if)# prompt, type default attack-detector number protocol (((TCP|UDP)
Step 1
[dest-port (specific|not- specific|both)])|ICMP|other|all) attack-direction
(single-side-source|single-side-destination|single-side-both|dual-sided|all) side
(subscriber|network|both) and press Enter.
Defines the action of the specified attack detector.
How to Disable a Specific Attack Detector
Use the following command to disable a specific attack detector, configuring it to use the default action,
threshold values and subscriber notification for all protocols, attack directions and sides.
From the SCE(config if)# prompt, type default attack-detector number and press Enter.
Step 1
Disables the specified attack detector.
How to Disable All Non-default Attack Detectors
Use the following command to disable all non-default attack detectors, configuring them to use the
default values.
Step 1
From the SCE(config if)# prompt, type default attack-detector all-numbered and press Enter.
Disables all non-default attack detectors.
How to Disable All Attack Detectors
Use the following command to disable all attack detectors, configuring them to use the default values.
From the SCE(config if)# prompt, type default attack-detector all and press Enter.
Step 1
Disables all attack detectors.
Cisco SCE 2000 and SCE 1000 Software Configuration Guide
11-16
Chapter 11
Identifying and Preventing Distributed-Denial-Of-Service Attacks
OL-7827-12