Intrusion Detection/Intrusion Prevention System
Left running head:
Chapter name (automatic)
932
Beta Beta
OmniAccess 5740 Unified Services Gateway CLI Configuration Guide
Alcatel-Lucent
T
O VIEW SNORT RULES
EXAMPLE
ALU#show firewall intrusion snort rule category dos
alert ip $EXTERNAL_NET any -> $HOME_NET any (msg:"DOS Jolt
attack"; dsize:408; fragbits:M; reference:cve,1999-0345;
classtype:attempted-dos; sid:268; rev:4;)
alert udp $EXTERNAL_NET any -> $HOME_NET any (msg:"DOS Teardrop
attack"; fragbits:M; id:242; reference:bugtraq,124;
reference:cve,1999-0015; reference:nessu)
alert udp any 19 <> any 7 (msg:"DOS UDP echo+chargen bomb";
reference:cve,1999-0103; reference:cve,1999-0635;
classtype:attempted-dos; sid:271; rev:4;)
T
O VIEW DISABLED RULES/GROUPS
EXAMPLE
ALU# show firewall intrusion snort rule disable sid
Disable sid:
Command (in SUM/CM) Description
show firewall intrusion snort
rule {category <name>
|classtype <name>|
disable{category|classtype|pri
ority|sid}|priority
{high|low|medium}|sid <1-
4294967295>...}
Use this command to display the
contents of a specific Snort rule.
Command (in SUM/CM) Description
show firewall intrusion snort
rule disable
{category|classtype|priority|
sid}
Use this command to display the
information of group of rules that are
disabled.
To Next Page
Loading...
