PAMSPAN501x G.SHDSL.bis EFM Gateway
-71
Enable/disable/clear IDS blacklist
firewall set IDS blacklist {enable|disable|clear}
Equal to
security enable IDS blacklist
security disable IDS blacklist
security clear IDS blacklist
Enabling the Blacklist will block traffics from an external host when it has detected
one of the following types of attack:
Protocol
Attack Name
UDP Ascend Kill
UDP Echo Scan (Port scan attack)
TCP WinNuke (Port scan attack)
TCP Xmas Tree Scan (Port scan attack)
TCP IMAP SYN/FIN Scan ((Port scan attack)
ICMP SMURF (if victim protection is set; SMURF Attack)
TCP SYN Flood (if scanning threshold is exceeded; SYN/FIN/RST
Flood )
TCP Net Bus Scan (Port scan attack)
UDP Back Orifice Scan (Port scan attack)
- If a DoS attack is detected, the host is blacklisted for 30 minutes by default
- If a port scan is detected, the host is blacklisted for 24 hours by default
To Next Page
Loading...