Filter and Firewall
Left running head:
Chapter name (automatic)
778
Beta Beta
OmniAccess 5740 Unified Services Gateway CLI Configuration Guide
Alcatel-Lucent
10. Configuring the DoS attacks from which protection is required. In this
case, we configure all the available attacks present on the OmniAccess 5740
USG.
ALU(config)# firewall
ALU(config-firewall)# attack atk1
ALU(config-firewall-attack-atk1)# tcp-fin-no-ack
ALU(config-firewall-attack-atk1)# tcp-fin-scan
ALU(config-firewall-attack-atk1)# tcp-header-frag
ALU(config-firewall-attack-atk1)# tcp-invalid-urgent-offset
ALU(config-firewall-attack-atk1)# tcp-null-scan
ALU(config-firewall-attack-atk1)# tcp-syn-fin
ALU(config-firewall-attack-atk1)# tcp-syn-flood
ALU(config-firewall-attack-atk1)# tcp-xmas-scan
ALU(config-firewall-attack-atk1)# udp-flood
ALU(config-firewall-attack-atk1)# udp-fraggle-attack
ALU(config-firewall-attack-atk1)# udp-port-loopback
ALU(config-firewall-attack-atk1)# udp-snork-attack
ALU(config-firewall-attack-atk1)# icmp-block-trace-route
ALU(config-firewall-attack-atk1)# icmp-dest-unrch-storm
ALU(config-firewall-attack-atk1)# icmp-ip-address-sweep
ALU(config-firewall-attack-atk1)# icmp-ping-flood threshold
2 10
ALU(config-firewall-attack-atk1)# icmp-ping-of-death
ALU(config-firewall-attack-atk1)# icmp-ping-of-death max-
total-length 64
ALU(config-firewall-attack-atk1)# icmp-redirect
ALU(config-firewall-attack-atk1)# icmp-router-advertisement
ALU(config-firewall-attack-atk1)# ip-land-attack
ALU(config-firewall-attack-atk1)# ip-source-routing
ALU(config-firewall-attack-atk1)# ip-spoofing
ALU(config-firewall-attack-atk1)# ip-tear-drop
ALU(config-firewall-attack-atk1)# ip-tiny-frag
ALU(config-firewall-attack-atk1)# ip-zero-length
To Next Page
Loading...
