EasyManua.ls Logo

Dell PowerConnect B-RX - Displaying Statistics Due Dos Attacks

Dell PowerConnect B-RX
1458 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
BigIron RX Series Configuration Guide 999
53-1002253-01
Displaying statistics due DoS attacks
34
If the SYN bit is set and the sequence number is an exact match to the next expected
sequence, the device sends an ACK segment to the peer. Before sending the ACK segment, the
software subtracts one from the value being acknowledged.
If the SYN bit is set and the sequence number is acceptable, the device sends an
acknowledgement (ACK) segment to the peer.
The TCP security enhancement is enabled by default. To disable it, refer to “Disabling the TCP
security enhancement” on page 999.
Protecting against a blind injection attack
In a blind TCP injection attack, a perpetrator tries to inject or manipulate data in a TCP connection.
To reduce the chances of a blind injection attack, perform an additional check on all incoming TCP
segments.
This TCP security enhancement is enabled by default. To disable it, refer to “Disabling the TCP
security enhancement” on page 999.
Disabling the TCP security enhancement
The TCP security enhancement is automatically enabled. If necessary, you can disable this feature.
When you disable this feature, the device reverts to the original behavior.
To disable the TCP security enhancement, enter the following command at the Global CONFIG level
of the CLI.
BigIron RX(config)# no ip tcp tcp-security
To re-enable the TCP security enhancement once it has been enabled, enter the following
command.
BigIron RX(config)# ip tcp tcp-security
Syntax: [no] ip tcp tcp-security
Displaying statistics due DoS attacks
To display information about ICMP and TCP SYN packets dropped, passed, and block because burst
thresholds were exceeded.
The display shows the following.
BigIron RX(config-if-e1000-3/5)# show statistics dos-attack
Collecting transit DOS attack statistic for port 3/5... Completed successfully.
------ DOS Attack Prevention Statistics ------
Port Packet Drop Count Packet Pass Count Port Block Count
----- ----------------- ------------------ ----------------
3/5 12479732 436372 232

Table of Contents

Other manuals for Dell PowerConnect B-RX

Preview: Getting Started Guide
Getting Started Guide32 pages

Related product manuals