Security-log, Security-log -58 – Carrier Access Adit 3000 Series and Multi-Service Router (MSR) Card none User Manual

Page 184

Advertising
background image

4-58

Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.0) CLI

Global Configuration Mode

Global Configuration Commands

security-log

Use the security-log command to configure the security policy. To delete a security policy, see no
security-log command on page 4-49.

Syntax:

(config)# security-log

setting enable

Example:

(config)# security-log accepted-out-connection enable

Supported Platforms:

Adit 3104, Adit 3200, Adit 3500, MSR

Field

Definition

Accepted Events

accepted-in-connections Sessions originated from the Internet that have been allowed by

the firewall.

accepted-out-
connections

Sessions originated from the network that have been allowed by
the firewall.

Blocked Events

blocked-conn-attempts Sessions that have been blocked by the firewall.
blocked-fragments

Detection of fragmented packets when Block IP Fragments is
enabled.

defrag-error

Detection of fragmented packets that cannot be properly
reassembled.

echo-chargen

Detection of the Echo or Chargen DOS attacks.

icmp-flood

Detection of an ICMP flood DOS attack.

icmp-multicast

Detection of multicast ICMP packets, such as a ping to a subnet
broadcast address.

icmp-redirect

Detection of improper ICMP redirect messages from the WAN.

icmp-replay

Detection of an ICMP Replay DOS attack.

multicast-broadcast

Detection of the Multicast or broadcast packets arriving at the
WAN interface.

pkt-illegal-opts

Detection of IP packets with disallowed IP options: lsrr, ssrr, rr,
timestamp, or error options.

spoofed-connection

Detection of IP address spoofing attacks.

syn-flood

Detection of the Syn Flood DOS attack.

udp-flood

Detection of a UDP Flood attack.

winnuke

Detection of the Winnuke DOS attack.

Other Events

connection-states

Session connection state detail.

rem-admin-attempts

Management sessions established.

Log Buffer

prevent-log-overrun

Stop logging firewall detail when the log is full. This prevents
loosing early log entries, but will drop the later log entries.

Advertising
Popular Brands
Popular manuals