EasyManuals Logo

Cisco SCE8000 Configuration Guide

Cisco SCE8000
262 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #211 background imageLoading...
Page #211 background image
10-23
Cisco SCE8000 Software Configuration Guide, Rel 3.1.6S
OL-16479-01
Chapter 10 Identifying and Preventing Distributed-Denial-Of-Service Attacks
Monitoring Attack Filtering
How to display a specified attack detector configuration
• Options, page 10-23
• Example, page 10-23
The following information is displayed:
• Protocol Side — Whether the attack detector applies to attacks originating at the subscriber or
network side.
• Direction — Whether the attack detector applies to single sided or dual sided attacks. Action to take
if an attack is detected.
• Thresholds:
–
open-flows-rate — Default threshold for rate of open flows (new open flows per second).
–
suspected-flows-rate — Default threshold for rate of suspected DDoS flows (new suspected
flows per second).
–
suspected-flows-ratio — Default threshold for ratio of suspected flow rate to open flow rate.
• Subscriber notification — enabled or disabled.
• Alarm: sending an SNMP trap enabled or disabled.
Options
The following option is available:
• number — the number of the attack detector to display
Step 1 From the SCE> prompt, type show interface linecard 0 attack-detector number and press Enter.
Example
SCE>show interface LineCard 0 attack-detector 1
Detector #1:
Comment: 'Sample'
Access-list: 1
Effective only for TCP port(s) 21,23,80
Effective for all UDP ports
Protocol|Side|Direction ||Action| Thresholds |Sub- |Alarm
| | || |Open flows|Ddos-Suspected flows|notif|
| | || |rate |rate |ratio | |
--------|----|-----------||------|----------|------------|-------|-----|-----
TCP |net.|source-only|| | | | | |
TCP |net.|dest-only || | | | | |
TCP |sub.|source-only|| | | | | |
TCP |sub.|dest-only || | | | | |
TCP |net.|source+dest|| | | | | |
TCP |sub.|source+dest|| | | | | |
TCP+port|net.|source-only||Block | | | | |Yes
TCP+port|net.|dest-only || | | | | |
TCP+port|sub.|source-only||Block | | | | |Yes
TCP+port|sub.|dest-only || | | | | |
TCP+port|net.|source+dest|| | | | | |
TCP+port|sub.|source+dest|| | | | | |
UDP |net.|source-only|| | | | | |
UDP |net.|dest-only || | | | | |
UDP |sub.|source-only|| | | | | |
UDP |sub.|dest-only || | | | | |

Table of Contents

Other manuals for Cisco SCE8000

Preview: Quick Start Guide
Quick Start Guide24 pages
Preview: Removal And Replacement Procedures
Removal And Replacement Procedures36 pages
Preview: Installing
Installing20 pages
Preview: Installation And Configuration Guide
Installation And Configuration Guide154 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco SCE8000 and is the answer not in the manual?

Cisco SCE8000 Specifications

General IconGeneral
BrandCisco
ModelSCE8000
CategoryNetwork Hardware
LanguageEnglish

Related product manuals