Filter and Firewall
Left running head:
Chapter name (automatic)
714
Beta Beta
OmniAccess 5740 Unified Services Gateway CLI Command Reference Guide
Alcatel-Lucent
ICMP-DEST-UNRCH-STORM
icmp-dest-unrch-storm [threshold <1-4294967295> <1-4294967295>]
DESCRIPTION
This command is entered in the Firewall-Attack Sub Configuration Mode.
Attackers may flood network with ICMP destination unreachable packets for which
there is information available for original packet. Knowing traffic pattern for the site
helps in preventing this type of attack. For a e-business site, it may be 20,000
ICMP destination unreachable packets/second. For a smaller site, it might be 20
ICMP destination unreachable packets/sec. Hence, depending upon the traffic
pattern, the threshold can be set. If the threshold is crossed, it might be pointer to
a ICMP destination unreachable attack.
PARAMETERS
DEFAULT VALUE
The default is 10 packets in 1000 milliseconds.
EXAMPLE
ALU(config-firewall-attack-A1)# icmp-dest-unrch-storm threshold
11 5
Parameter Description
threshold To set a threshold limit.
<1-4294967295> <1-4294967295> Number of packets permissible within a
defined interval.
To Next Page
Loading...
Need help?
General
