Chapter 8
| General Security Measures
Denial of Service Protection
– 302 –
Syntax
[no] dos-protection ip invalid-source-ip-address
Default Setting
Disabled
Command Mode
Global Configuration
Command Usage
These packets may have any of the following attributes:
◆ Source IP address is ::1
◆ Source IP address is 0xFF00::/8
Example
Console(config)#dos-protection ip invalid-source-ip-address
Console(config)#
Protection for TCP
dos-protection tcp
blat-block
This command protects against attacks in which a specially crafted packet is sent to
a host where the source host port is the same as the destination host port. The
system attempts to reply to itself, resulting in system lockup.
Syntax
[no] dos-protection tcp blat-block
Default Setting
Disabled
Command Mode
Global Configuration
Example
Console(config)#dos-protection tcp blat-block
Console(config)#
To Next Page
Loading...
