EasyManuals Logo
Home>HP>Switch>FlexFabric 5700 series

HP FlexFabric 5700 series User Manual

HP FlexFabric 5700 series
460 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #413 background imageLoading...
Page #413 background image
401
Configuring attack detection and prevention
Overview
Attack detection and prevention enables a device to detect attacks by inspecting arriving packets, and
to take prevention actions, such as packet dropping, to protect a private network.
The device supports only TCP fragment attack prevention.
Configuring TCP fragment attack prevention
The TCP fragment attack prevention feature enables the device to drop attack TCP fragments to prevent
TCP fragment attacks that traditional packet filter cannot detect. As defined in RFC 1858, attack TCP
fragments refer to the following TCP fragments:
• First fragments in which the TCP header is smaller than 20 bytes.
• Non-first fragments with a fragment offset of 8 bytes (FO=1).
To configure TCP fragment attack prevention:
Ste
Command
Remarks
1. Enter system view.
system-view
N/A
2. Enable TCP fragment attack
prevention.
attack-defense tcp fragment
enable
By default, TCP fragment attack
prevention is enabled.

Table of Contents

Other manuals for HP FlexFabric 5700 series

Preview: Configuration Guide
Configuration Guide185 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HP FlexFabric 5700 series and is the answer not in the manual?

HP FlexFabric 5700 series Specifications

General IconGeneral
BrandHP
ModelFlexFabric 5700 series
CategorySwitch
LanguageEnglish

Related product manuals