Digital Data Communications LevelOne GTL-2091 Manual - Página 3
Procurar online ou descarregar pdf Manual para Interruptor Digital Data Communications LevelOne GTL-2091. Digital Data Communications LevelOne GTL-2091 4 páginas. Attack prevention configuration
Também para Digital Data Communications LevelOne GTL-2091: Manual (8 páginas)
Imprimir páginaChapter 1 Attack Prevention Configuration
1.1 Overview
To guarantee the reasonable usage of network bandwidth, our 6508 series switches
provide the function to prevent vicious traffic from occupying lots of network bandwidth.
In light of current attack modes, our 6508 series switches can limit the hosts that send
lots of ARP, IGMP or IP message in a period of time and do not provide any service to
these hosts. The function can prevent malicious message from occuping lots of
network bandwidth. Therefore, the network can not be congested.
1.2 Attack Prevention Configuration Tasks
When the number of IGMP, ARP or IP message that is sent by a host in a designated
interval exceeds the threshold, we think that the host attack the network.
You can select the type of attack prevention (ARP, IGMP or IP), the attack prevention
port and the attack detection parameter. You have the following configuration tasks:
l
Configuring the attack prevention type
l
Configuring the attack detection parameters
1.3 Attack Prevention Configuration
1.3.1 Configuraing the Attack Detection Parameters
filter period time
filter threshold vlaue
filter block-time time
1.3.2 Configuring the Attack Prevention Type
filter igmp
fileter ip source-ip
interface f x/y
http://www.level1.com
Command
Command
Attack Prevention Configuration
Description
Sets the attack detection period to time,
whose unit is second.
Sets the attack detection threshold to value.
The parameter value represents the number
of messge at the threshold.
Sets the out-of-service time for the attack
source when the attack source is detected.
Its unit is second.
Description
Detects the igmp attack.
Detects the IP attack based on the source IP
address.
Enters interface configuration mode for
- 1 -