IDS/IPS Configuration
Except on the first page, right running head:
Heading1 or Heading1NewPage text (automatic)
931
Alcatel-Lucent
Beta Beta
OmniAccess 5740 Unified Services Gateway CLI Configuration Guide
TO VIEW FILE LIST
EXAMPLE
ALU# show firewall intrusion snort file icmp.rules
C) Copyright 2001-2004, Martin Roesch, Brian Caswell, et al.
All rights reserved.
$Id: icmp.rules,v 1.1 2005/03/18 11:27:51 ppote Exp $
-----------
ICMP RULES
-----------
Description:
These rules are potentially bad ICMP traffic. They include most of the
ICMP scanning tools and other "BAD" ICMP traffic (Such as redirect
host)
Other ICMP rules are included in icmp-info.rules
alert icmp $EXTERNAL_NET any -> $HOME_NET any (msg:"ICMP ISS Pinger";
itype:8; c
ontent:"ISSPNGRQ"; depth:32; reference:arachnids,158;
classtype:attempted-recon;
sid:465; rev:3;)
alert icmp $EXTERNAL_NET any -> $HOME_NET any (msg:"ICMP L3retriever
Ping"; icod
e:0; itype:8; content:"ABCDEFGHIJKLMNOPQRSTUVWABCDEFGHI"; depth:32;
reference:ar
achnids,311; classtype:attempted-recon; sid:466; rev:4;)
alert icmp $EXTERNAL_NET any -> $HOME_NET any (msg:"ICMP Nemesis v1.1
Echo"; dsi
ze:20; icmp_id:0; icmp_seq:0; itype:8; content:"|00 00 00 00 00 00 00
00 00 00 0
0 00 00 00 00 00 00 00 00 00|"; reference:arachnids,449;
classtype:attempted-rec
on; sid:467; rev:3;)
--More--
Command (in SUM/CM) Description
show firewall intrusion snort
file {<filename>|list>}
Use this command to display the
contents of a specific snort rule file or list
all the rule files.
To Next Page
Loading...
Need help?
General
