Displaying tcp attack information, Displaying server traffic information – Brocade Communications Systems ServerIron ADX 12.4.00a User Manual

Page 136

Advertising
background image

122

ServerIron ADX Security Guide

53-1002440-03

Configuring Syn-Proxy

5

Displaying TCP Attack Information

The show server tcp-attack command displays attack information for connection rates counters.

Syntax: show server tcp-attack [debug | fast-path]

Displaying Server Traffic information

The show server traffic command displays four counters that help to analyze incoming traffic and
determine the DOS attack occurrence. Be sure to issue show L4-traffic from the SSM CPU (not the
MP).

ServerIronADX# show server tcp-attack

Connection counters:

Current conn rate = 0 Max conn rate = 1

Attack counters:

Current attack rate = 0 Max attack rate = 0

Client-side counters:

SYN rcvd = 6 SYN-ACK sent = 6

Valid ACKs rcvd = 3 Invalid ACKs rcvd = 33

Client pkt rcvd = 15 Data pkt stored = 3

ACK without data dropp = 0

Destination-side counters:

SYN sent = 3 SYN-ACK rcvd = 3

Duplicate SYN sent = 0 Duplicate SYN-ACK rcvd = 0

Server pkt rcvd = 21 Stored pkt sent = 0

ServerIronADX# show server traffic

Client->Server = 3760614467 Server->Client = 2169558899

Drops = 0 Aged = 17568293

Fw_drops = 0 Rev_drops = 0

FIN_or_RST = 169210866 old-conn = 0

Disable_drop = 0 Exceed_drop = 0

Stale_drop = 9 Unsuccessful = 0

SYN def/proxy RST = 0 Server Resets = 0

Out of Memory = 0 Out of Memory = 0

last conn rate = 0 max conn rate = 16283

last TCP attack rate = 0 max TCP attack rate = 0

fast vport found = 0 fast vport n found = 477

Fwd to non-static FI = 0 Dup stale SYN = 0

TCP forward FIN = 0 TCP reverse FIN = 0

Fast path FWD FIN = 0 Fast path REV FIN = 0

Fast path SLB SYN = 0 Dup SYN after FIN = 0

Duplicate SYN = 0 Duplicate sessions = 0

TCP ttl FIN recvd = 0 TCP ttl reset recvd = 0

Sessions in DEL_Q = 0 Sess force deleted = 0

Fwd sess not found = 0 sess already in delQ = 0

Sess rmvd from delQ = 0

New sess sync sent = 0 New sess sync recvd = 0

TCP SYN received = 0 TCP SYN dropped = 0

TCP SYN to MP = 0 TCP SYN ACK to MP = 0

TCP SYN ACK received = 0 TCP SYN ACK dropped = 0

TCP pkt received = 0 TCP pkt dropped = 0

TCP pkt to MP = 0

Dropped VIP pings = 0

Advertising
Popular Brands
Popular manuals