11-10
Cisco SCE 2000 and SCE 1000 Software Configuration Guide
OL-7827-12
Chapter 11 Identifying and Preventing Distributed-Denial-Of-Service Attacks
Configuring Attack Detectors
How to Enable Specific-IP Detection for the TCP Protocol for Port-based Detections Only for
Dual-sided Attacks
Step 1 From the SCE(config if)# prompt, type attack-filter protocol TCP dest-port specific attack-direction
dual-sided and press Enter.
How to Disable Specific-IP Detection for Protocols Other than TCP, UDP, and ICMP for all Attack
Directions
Step 1 From the SCE(config if)# prompt, type no attack-filter protocol other and press Enter.
How to Disable Specific-IP Detection for ICMP for Single-sided Attacks Defined by the Source IP
Step 1 From the SCE(config if)# prompt, type no attack-filter protocol ICMP attack-direction
single-side-source
and press Enter.
How to Configure the Default Attack Detector
• Options, page 11-11
• How to Define the Default Action and Optionally the Default Thresholds, page 11-11
• How to Reinstate the System Defaults for a Selected Set of Attack Types, page 11-12
• How to Reinstate the System Defaults for All Attack Types, page 11-12
Use these commands to configure the values for the default attack detector for the following parameters:
• Attack handling action
• Thresholds
• Subscriber notification
• Sending an SNMP trap
If a specific attack detector is defined for a particular attack type, it will override the configured default
attack detector.
To Next Page
Loading...
