11-15
Cisco SCE 2000 and SCE 1000 Software Configuration Guide
OL-7827-12
Chapter 11 Identifying and Preventing Distributed-Denial-Of-Service Attacks
Configuring Attack Detectors
How to Define the Subscriber Notification Setting for a Specific Attack Detector
Use the following command to set the subscriber notification setting for a given attack detector and
selected set of attack types.
Step 1 From the SCE(config if)# prompt, type attack-detector number protocol (((TCP|UDP) [dest-port
(specific|not- specific|both)])|ICMP|other|all) attack-direction
(single-side-source|single-side-destination|single-side-both|dual-sided|all) side
(subscriber|network|both) (notify-subscriber|don't-notify-subscriber) and press Enter.
Defines the subscriber notification setting for the specified attack detector
How to Define the SNMP Trap Setting for a Specific Attack Detector
Use the following command to enable or disable sending an SNMP trap for a given attack detector and
selected set of attack types.
Step 1 From the SCE(config if)# prompt, type attack-detector number protocol (((TCP|UDP) [dest-port
(specific|not- specific|both)])|ICMP|other|all) attack-direction
(single-side-source|single-side-destination|single-side-both|dual-sided|all) side
(subscriber|network|both) (alarm|no-alarm)
and press Enter.
Defines the SNMP trap setting for the specified attack detector.
How to Define the List of Destination Ports for TCP or UDP Protocols for a Specific Attack Detector
Use the following command to define the list of destination ports for specific port detections for TCP or
UDP protocols.
Step 1 From the SCE(config if)# prompt, type attack-detector number TCP-port-list|UDP-port-list
(all|(
port1 [port2, port3… ]) and press Enter.
Defines the port list for the specified protocol and attack detector.
To Next Page
Loading...
