udp-fraggle-attack
Except on the first page, right running head:
Heading1 or Heading1NewPage text (automatic)
739
Alcatel-Lucent
Beta Beta
OmniAccess 5740 Unified Services Gateway CLI Command Reference Guide
UDP-FRAGGLE-ATTACK
udp-fraggle-attack
DESCRIPTION
This command is entered in the Firewall-Attack Sub Configuration Mode. When a
perpetrator sends a large number of UDP echo (ping) traffic at IP broadcast
addresses, all of it having a fake source address, it causes system crash or denial
of service. The above command is included in the default attack prevention list to
secure the system from this attack.
PARAMETERS
None.
EXAMPLE
ALU(config-firewall-attack-A1)# udp-fraggle-attack
UDP-PORT-LOOPBACK
udp-port-loopback [threshold <1-4294967295> <1-4294967295>]
DESCRIPTION
This command is entered in the Firewall-Attack Sub Configuration Mode.
A UDP packet travels between two "echoing" ports. Such packets can bounce
infinite number of times, using up network bandwidth and CPU. An intruder can
cause problems by spoofing a packet from one machine and send it to
another.The malicious intruder could generate lots of these packets in order to
totally overwhelm the systems and network. This keyword is included with
appropriate parameters in the default list.
PARAMETERS
DEFAULT VALUE
The default is 10 packets in 1000ms.
EXAMPLE
ALU(config)# attack A4
ALU(config-attack A4)# udp-port-loopback threshold 30 13
Parameter Description
threshold Threshold limit set.
<1-4294967295> <1-4294967295> Number of packets permissible within a
defined interval.
To Next Page
Loading...
