Chapter 9
| General Security Measures
Denial of Service Protection
– 379 –
dos-protection
win-nuke
This command protects against DoS WinNuke attacks in which affected the
Microsoft Windows 3.1x/95/NT operating systems. In this type of attack, the
perpetrator sends the string of OOB out-of-band (OOB) packets contained a TCP
URG flag to the target computer on TCP port 139 (NetBIOS), casing it to lock up and
display a “Blue Screen of Death.” This did not cause any damage to, or change data
on, the computer’s hard disk, but any unsaved data would be lost. Microsoft made
patches to prevent the WinNuke attack, but the OOB packets still put the service in
a tight loop that consumed all available CPU time. Use the no form to disable this
feature.
Syntax
dos-protection win-nuke [bit-rate-in-kilo rate]
no dos-protection udp-flooding
rate – Maximum allowed rate. (Range: 64-2000 kbits/second)
Default Setting
Disabled, 1000 kbits/second
Command Mode
Global Configuration
Example
Console(config)#dos-protection win-nuke 65
Console(config)#
show dos-protection This command shows the configuration settings for the DoS protection commands.
Command Mode
Privileged Exec
Example
Console#show dos-protection
Global DoS Protection:
Echo/Chargen Attack : Disabled, 1000 kilobits per second
Smurf Attack : Enabled
TCP Flooding Attack : Disabled, 1000 kilobits per second
TCP Null Scan : Enabled
TCP SYN/FIN Scan : Enabled
TCP/UDP Packets with Port 0 : Enabled
TCP XMAS Scan : Enabled
UDP Flooding Attack : Disabled, 1000 kilobits per second
WinNuke Attack : Disabled, 1000 kilobits per second
Console#
To Next Page
Loading...
Need help?
General