IP Commands
page 29-114 OmniSwitch 6250 CLI Reference Guide November 2009
show ip dos config
Displays the configuration parameters of the DoS scan for the switch.
show ip dos config
Syntax Definitions
N/A
Defaults
N/A
Platforms Supported
OmniSwitch 6250
Usage Guidelines
This command allows the user to view the configuration parameters of the DoS scan. The scan keeps a
record of the penalties incurred by certain types of packets on TCP and UDP ports. When the set penalty
threshold is reached, it is assumed a DoS attack is in progress, and a trap is generated to inform the system
administrator.
Examples
-> show ip dos config
Dos type Status
-------------------------------------------+-----------------
port scan ENABLED
tcp sync flood ENABLED
ping of death ENABLED
smurf ENABLED
pepsi ENABLED
land ENABLED
teardrop/bonk/boink ENABLED
loopback-src ENABLED
invalid-ip ENABLED
invalid-multicast ENABLED
unicast dest-ip/multicast-mac ENABLED
ping overload DISABLED
arp flood ENABLED
arp poison ENABLED
DoS trap generation = ENABLED,
DoS port scan threshold = 1000,
DoS port scan decay = 2,
DoS port scan close port penalty = 10,
DoS port scan TCP open port penalty = 0,
DoS port scan UDP open port penalty = 0,
Dos MAximum Ping Rate = 100
Dos Maximum ARP Request Rate = 500
To Next Page
Loading...
