EasyManua.ls Logo

ZyXEL Communications 1050 - Page 144

ZyXEL Communications 1050
284 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Chapter 20 IDP Commands
ZyWALL (ZLD) CLI Reference Guide
144
20.3.4.1 Creating an Anomaly Profile Example
In this example we create a profile named “test”, configure some settings, display them, and
then return to global command mode.
show idp anomaly profile http-inspection {ascii-
encoding | u-encoding | bare-byte-unicode-
encoding | base36-encoding | utf-8-encoding |
iis-unicode-codepoint-encoding | multi-slash-
encoding | iis-backslash-evasion | self-
directory-traversal | directory-traversal |
apache-whitespace | non-rfc-http-delimiter | non-
rfc-defined-char | oversize-request-uri-
directory | oversize-chunk-encoding | webroot-
directory-traversal} details
Shows http-inspection settings for the specified
IDP profile.
show idp anomaly profile tcp-decoder all details Shows tcp-decoder settings for the specified
IDP profile.
show idp anomaly profile tcp-decoder {undersize-
len | undersize-offset | oversize-offset | bad-
length-options | truncated-options | ttcp-
detected | obsolete-options | experimental-
options} details
Shows tcp-decoder settings for the specified
IDP profile.
show idp anomaly profile udp-decoder all details Shows udp-decoder settings for the specified
IDP profile.
show idp anomaly profile udp-decoder {truncated-
header | undersize-len | oversize-len} details
Shows specified udp-decoder settings for the
specified IDP profile.
show idp anomaly profile icmp-decoder all details Shows all icmp-decoder settings for the
specified IDP profile.
show idp anomaly profile icmp-decoder {truncated-
header | truncated-timestamp-header | truncated-
address-header} details
Shows specified icmp-decoder settings for the
specified IDP profile.
Table 79 Editing/Creating Anomaly Profiles (continued)
COMMAND DESCRIPTION
Router# configure terminal
Router(config)# idp anomaly test
Router(config-idp-anomaly-profile-test)# tcp-decoder oversize-offset
action drop
Router(config-idp-anomaly-profile-test)# tcp-decoder oversize-offset log
alert
Router(config-idp-anomaly-profile-test)# tcp-decoder oversize-offset
activate
Router(config-idp-anomaly-profile-test)# no tcp-decoder oversize-offset
activate
Router(config-idp-anomaly-profile-test)# exit
Router(config)# show idp anomaly test tcp-decoder oversize-offset
details
message: (tcp_decoder) OVERSIZE-OFFSET ATTACK
keyword: tcp-decoder oversize-offset
activate: no
action: drop
log: log alert
Router(config)#

Table of Contents

Related product manuals