Monitoring Attack Filtering
other
other
other
other
SCE#>
How to display all attack detector configurations
From the SCE> prompt, type show interface linecard 0 attack-detector all and press Enter.
Step 1
How to display filter state (enabled or disabled)
From the SCE> prompt, type show interface linecard 0 attack-filter and press Enter.
Step 1
Example
SCE>show interface LineCard 0 attack-filter
Enabled state :
------------------
Protocol
----------|------------|------------
TCP
TCP
TCP
TCP+port
TCP+port
TCP+port
UDP
UDP
UDP
UDP+port
UDP+port
UDP+port
ICMP
ICMP
other
other
SCE#>
How to display configured threshold values and actions
Use this command to display the configured threshold values and actions a specified IP address (and
port), taking into account the various specific attack detector access list configurations
•
•
Cisco SCE 2000 and SCE 1000 Software Configuration Guide
11-26
|net.|source-only||Report|
|net.|dest-only
||Report|
|sub.|source-only||Report|
|sub.|dest-only
||Report|
|Direction
|State
|source-only |enabled
|dest-only
|enabled
|dest+source |enabled
|source-only |enabled
|dest-only
|enabled
|dest+source |enabled
|source-only |enabled
|dest-only
|enabled
|dest+source |enabled
|source-only |enabled
|dest-only
|enabled
|dest+source |enabled
|source-only |enabled
|dest-only
|enabled
|source-only |enabled
|dest-only
|enabled
Options, page 11-27
Example 1, page 11-27
Chapter 11
Identifying and Preventing Distributed-Denial-Of-Service Attacks
500|
250|50
500|
250|50
500|
250|50
500|
250|50
|No
|No
|No
|No
|No
|No
|No
|No
OL-7827-12