Filter and Firewall
Left running head:
Chapter name (automatic)
738
Beta Beta
OmniAccess 5740 Unified Services Gateway CLI Command Reference Guide
Alcatel-Lucent
TCP-XMAS-SCAN
tcp-xmas-scan
DESCRIPTION
This command is entered in the Firewall-Attack Sub Configuration Mode. This
frame should never be seen in normal TCP operation. Sometimes this is done in
preparation for a future attack, or sometimes it is done to see if the system has a
service which is susceptible to attack. A TCP frame has been seen with a
sequence number of zero and the FIN, URG and PUSH bits all set. To avoid this
attack include the above command.
PARAMETERS
None.
EXAMPLE
ALU(config-firewall-attack-A1)# tcp-xmas-scan
UDP-FLOOD
udp-flood [threshold <1-4294967295> <1-4294967295>]
DESCRIPTION
This command is entered in the Firewall-Attack Sub Configuration Mode. This
command is used to configure udp-flood attack for an attack object.
PARAMETERS
DEFAULT
The default is 4 packets per 20 milliseconds.
EXAMPLE
ALU(config-firewall-attack-A1)# udp-flood
Parameter Description
threshold Threshold limit set.
<1-4294967295> <1-4294967295> Number of packets permissible within a
defined interval.