Displaying syn-proxy commands, Setting the interval time for counting tcp syn packets – Brocade Virtual ADX Security Guide (Supporting ADX v03.1.00) User Manual

Page 95: Displaying tcp attack information


Brocade Virtual ADX Security Guide

83

53-1003250-01

Configuring Syn-Proxy

5

Setting the interval time for counting TCP SYN packets

Syn-proxy is enabled and disabled according to the thresholds set in the ip
tcp syn-proxy on-threshold on-threshold-value off-threshold off-threshold-value command, measured over the
time period specified in the server syn-attack-detection-interval command. This interval is
configured on the Brocade Virtual ADX as shown in the following example.

Virtual ADX(config)#server syn-attack-detection-interval 10

Syntax: server syn-attack-detection-interval detection-interval-value

The detection-interval-value variable defines the interval over which TCP SYN packets are
counted. The range of settings for this interval is 1 to 10, with each level
representing 100 ms, so the interval can be from 100 ms to 1 second. With a smaller interval
value, the reaction time for enabling Syn-proxy is shorter and the measurement of the
TCP SYN packet arrival rate is less accurate. With a larger interval value, the reaction time for
enabling Syn-proxy is longer and the measurement of the TCP SYN packet arrival rate is more accurate.
The default interval value is 3 (in effect, 300 ms).

Displaying Syn-Proxy Commands

This section contains the following sections:

“Displaying TCP Attack Information” on page 83

“Displaying Server Traffic information” on page 84

“Displaying SYN Cookie Information” on page 85

Displaying TCP Attack Information

The show server tcp-attack command displays attack information from the connection rate counters.

Syntax: show server tcp-attack [debug | fast-path]

Virtual ADX#show server tcp-attack
Connection counters:
  Current conn rate      = 0     Max conn rate          = 1
Attack counters:
  Current attack rate    = 0     Max attack rate        = 0
Client-side counters:
  SYN rcvd               = 6     SYN-ACK sent           = 6
  Valid ACKs rcvd        = 3     Invalid ACKs rcvd      = 33
  Client pkt rcvd        = 15    Data pkt stored        = 3
  ACK without data dropp = 0
Destination-side counters:
  SYN sent               = 3     SYN-ACK rcvd           = 3
  Duplicate SYN sent     = 0     Duplicate SYN-ACK rcvd = 0
  Server pkt rcvd        = 21    Stored pkt sent        = 0
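For monitoring, the counters in this output can be collected and reduced to a few handshake health figures. The following Python sketch is an added example, not part of the Brocade guide. It assumes, from the counter names alone, that "Valid ACKs rcvd" counts client handshakes completed against the Syn-proxy; the function names and the max_invalid_ratio cutoff are hypothetical.

```python
import re

# Constructed input: the counter values from the sample output on this page.
SAMPLE = """\
Virtual ADX#show server tcp-attack
Connection counters:
Current conn rate = 0 Max conn rate = 1
Attack counters:
Current attack rate = 0 Max attack rate = 0
Client-side counters:
SYN rcvd = 6 SYN-ACK sent = 6
Valid ACKs rcvd = 3 Invalid ACKs rcvd = 33
Client pkt rcvd = 15 Data pkt stored = 3
ACK without data dropp = 0
Destination-side counters:
SYN sent = 3 SYN-ACK rcvd = 3
Duplicate SYN sent = 0 Duplicate SYN-ACK rcvd = 0
Server pkt rcvd = 21 Stored pkt sent = 0
"""

# One or two "name = value" pairs per line; names hold letters, spaces, hyphens.
PAIR = re.compile(r"([A-Za-z][A-Za-z \-]*?)\s*=\s*(\d+)")

def parse_tcp_attack(text):
    """Return {section heading: {counter name: int}} from the CLI output."""
    sections, current = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.endswith("counters:"):
            current = sections.setdefault(line[:-1], {})
        elif current is not None:  # skips the prompt line before any heading
            current.update((n.strip(), int(v)) for n, v in PAIR.findall(line))
    return sections

def handshake_summary(sections, max_invalid_ratio=0.5):
    """Derive handshake figures; max_invalid_ratio is a hypothetical cutoff."""
    client = sections["Client-side counters"]
    dest = sections["Destination-side counters"]
    synack, valid = client["SYN-ACK sent"], client["Valid ACKs rcvd"]
    invalid = client["Invalid ACKs rcvd"]
    invalid_ratio = invalid / (valid + invalid) if valid + invalid else 0.0
    return {
        "completed": valid / synack if synack else 0.0,  # assumed: finished handshakes
        "unanswered_synacks": synack - valid,  # SYN-ACKs with no valid ACK yet
        "invalid_ack_ratio": invalid_ratio,
        "server_side_balanced": dest["SYN sent"] == dest["SYN-ACK rcvd"],
        "alert": invalid_ratio > max_invalid_ratio,
    }

if __name__ == "__main__":
    print(handshake_summary(parse_tcp_attack(SAMPLE)))
```

The parser also accepts the column-aligned form of the output, because it matches "name = value" pairs regardless of spacing.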
