Chapter 8
| General Security Measures
Denial of Service Protection
– 300 –
Default Setting
Disabled
Command Mode
Global Configuration
Command Usage
These packets may have any of the following attributes:
◆ 224.0.0.0 ≤ source IP address ≤ 240.0.0.0
◆ Source IP address is 127.*.*.*
◆ Source IP address is 255.255.255.255
Example
Console(config)#dos-protection ip invalid-source-ip-address
Console(config)#
Protection for IPv6
dos-protection ipv6
invalid-destination-ip-
address
This command protects against invalid IPv6 destination address attacks. When a
stream such packets are received, this can indicate a denial-of-service (DoS)
attempt or just a packet generator using RAW sockets on the network.
Syntax
[no] dos-protection ipv6 invalid-destination-ip-address
Default Setting
Disabled
Command Mode
Global Configuration
Command Usage
These packets may have any of the following attributes:
◆ Destination IP address is ::1
◆ Destination IP address is ::/128
Example
Console(config)#dos-protection ipv6 invalid-destination-ip-address
Console(config)#
To Next Page
Loading...
