•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Step Description Command Keys
tcp-connection – TCP
connection was
detected.
trojan-activity – network
Trojan was detected.
unusual-client-port-
connection – the client
used an unusual port.
network-scan – network
scan was detected.
denial-of-service – denial
of service attack was
detected.
non-standard-protocol –
custom protocol or event
was detected.
protocol-command-
decode – encryption
attempt was detected.
web-application-activity
– access to a potentially
vulnerable web
application.
web-application-attack –
attack on web
application.
misc-activity – other
activity.
misc-attack – other
attacks.
icmp-event – general
ICMP event.
inappropriate-content –
inappropriate content
was detected.
policy-violation –
potential breach of
corporate privacy.
default-login-attempt –
login attempt using a
standard login/
password.
14 Set DSCP code value for which the rule
should work (optional).
esr(config-ips-category-rule)# ip
dscp <DSCP>
<DSCP> – DSCP code value,
takes values in the range of
[0..63].
15 Set the packet lifetime (TTL) value for
which the rule will trigger (optional).
esr(config-ips-category-rule)# ip
ttl <TTL>
<TTL> – TTL value, takes
values in the range of [1..255].
To Next Page
Loading...
