Chapter 8
| General Security Measures
Denial of Service Protection
– 309 –
Other Protection Commands
dos-protection
echo-chargen
This command protects against Echo/Chargen attacks in which the echo service
repeats anything sent to it, and the chargen (character generator) service generates
a continuous stream of data. When used together, they create an infinite loop and
result in denial-of-service.
Syntax
dos-protection echo-chargen [bit-rate-in-kilo rate]
no dos-protection echo-chargen
rate – Maximum allowed rate. (Range: 64-2048 kbits/second)
Default Setting
Disabled, 1024 kbits/second
Command Mode
Global Configuration
Command Usage
Packets attributes for echo/chargen protocols are:
â—† TCP/UDP on port 7 (echo)
â—† TCP/UDP on port 19 (chargen)
Example
Console(config)#dos-protection echo-chargen 65
Console(config)#
DoS Configuration Information
show dos-protection This command shows the configuration settings for the DoS protection commands.
Command Mode
Privileged Exec
Example
Console#show dos-protection
DoS Protection: Disabled
Protocl Type Status
------- -------------------------------- --------
IPv4 Invalid IP Address Disabled
IPv4 Invalid Header Length Disabled
IPv4 Invalid Source IP Address Disabled
IPv4 Invalid Destination IP Address Disabled
IPv6 Invalid IP Address Disabled
IPv6 Invalid Header Length Disabled
To Next Page
Loading...
Need help?
General
