Digital Data Communications LevelOne GTL-2091 Manual - Página 4
Procurar online ou descarregar pdf Manual para Interruptor Digital Data Communications LevelOne GTL-2091. Digital Data Communications LevelOne GTL-2091 4 páginas. Attack prevention configuration
Também para Digital Data Communications LevelOne GTL-2091: Manual (8 páginas)
Imprimir páginafilter arp
The ARP attack takes the host's MAC address and the source port as the attack
source, that is, message from the same MAC address but different ports cannot be
calculated together. Both the IGMP attack and IP attack take the host's IP address
and source port as the attack source.
Remember that the IGMP attack prevention and the IP attack prevention cannot be
started up together.
1.3.3 Starting up the Attack Prevention Function
After all parameters for attack prevention are set, you can start up the attack
prevention function. Note that small parts of processor source will be occupied when
the attack prevention function is started.
filter enable
Use the no filter enable command to disable the attack prevention function and
remove the block to all attack sources.
1.3.4 Checking the State of Attack Prevention
After attack prevention is started, you can run the following command to check the
state of attack prevention:
show filter
1.4 Attack Prevention Configuration Example
To enable the IGMP attack prevention and the ARP attack prevention on port 1/2,
consider any host that sends more than 1200 pieces of message within 15 seconds as
the attack source and to cut off network service for any attack source.
filter period 15
filter threshold 1200
filter block-time 600
interface g0/2
filter arp
exit
filter enable
http://www.level1.com
Command
Command
Attack Prevention Configuration
interface y at slot X.
Detects the arp attack.
Description
Starts up the attack prevention function.
Description
Checks the state of attack prevention.
- 2 -