Table of Contents
Advertisement
E
XAMPLE
Console(config)#dos-protection udp-flooding 65
Console(config)#
This command protects against DoS WinNuke attacks in which affected the
dos-protection
Microsoft Windows 3.1x/95/NT operating systems. In this type of attack,
win-nuke
the perpetrator sends the string of OOB out-of-band (OOB) packets
contained a TCP URG flag to the target computer on TCP port 139
(NetBIOS), casing it to lock up and display a "Blue Screen of Death." This
did not cause any damage to, or change data on, the computer's hard disk,
but any unsaved data would be lost. Microsoft made patches to prevent the
WinNuke attack, but the OOB packets still put the service in a tight loop
that consumed all available CPU time. Use the no form to disable this
feature.
S
YNTAX
dos-protection win-nuke [bit-rate-in-kilo rate]
no dos-protection udp-flooding
D
EFAULT
Disabled, 1000 kbits/second
C
OMMAND
Global Configuration
E
XAMPLE
Console(config)#dos-protection win-nuke 65
Console(config)#
This command shows the configuration settings for the DoS protection
show
commands.
dos-protection
C
OMMAND
Privileged Exec
E
XAMPLE
Console#show dos-protection
Global DoS Protection:
Echo/Chargen Attack : Disabled, 1000 kilobits per second
Smurf Attack
TCP Flooding Attack : Disabled, 1000 kilobits per second
TCP Null Scan
TCP SYN/FIN Scan
TCP XMAS Scan
UDP Flooding Attack : Disabled, 1000 kilobits per second
rate – Maximum allowed rate. (Range: 64-2000 kbits/second)
S
ETTING
M
ODE
M
ODE
: Enabled
: Enabled
: Enabled
: Enabled
– 937 –
| General Security Measures
C
24
HAPTER
Denial of Service Protection
- Quick Links:
- Connecting to the Switch
- Console Connection
Hide quick links:
Advertisement
Chapters
Table of Contents
