dos-protection tcp-scan, show dos-protection – LevelOne GTL-2691 User Manual

Page 970: Show dos-protection


CHAPTER 29 | General Security Measures

Denial of Service Protection


dos-protection tcp-scan

This command protects against DoS TCP-null-scan attacks, DoS TCP-SYN/FIN-scan attacks, and DoS TCP-xmas-scan attacks. Use the no form to disable this feature.

SYNTAX

[no] dos-protection tcp-scan

DEFAULT SETTING

Disabled

COMMAND MODE

Global Configuration

COMMAND USAGE

This command can be used to protect against the following types of DoS attacks:

DoS TCP-null-scan attacks – A TCP NULL scan message is used to identify listening TCP ports. The scan uses a series of strangely configured TCP packets which contain a sequence number of 0 and no flags. If the target's TCP port is closed, the target replies with a TCP RST (reset) packet. If the target TCP port is open, it simply discards the TCP NULL scan.

DoS TCP-SYN/FIN-scan attacks – A TCP SYN/FIN scan message is used to identify listening TCP ports. The scan uses a series of strangely configured TCP packets which contain SYN (synchronize) and FIN (finish) flags. If the target's TCP port is closed, the target replies with a TCP RST (reset) packet. If the target TCP port is open, it simply discards the TCP SYN FIN scan.

DoS TCP-xmas-scan attacks – A so-called TCP XMAS scan message is used to identify listening TCP ports. This scan uses a series of strangely configured TCP packets which contain a sequence number of 0 and the URG, PSH and FIN flags. If the target's TCP port is closed, the target replies with a TCP RST packet. If the target TCP port is open, it simply discards the TCP XMAS scan.
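The three packet signatures described above can be checked on captured TCP headers with a short classifier, which is useful for confirming what traffic the feature is meant to drop. This is an added example, not code from the LevelOne manual or firmware; the function names, the constructed sample headers, and the rule that SYN and FIN together match regardless of other flags are assumptions.

```python
import struct
from collections import Counter
from typing import Optional

# TCP flag bits, byte 13 of the TCP header
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20

def classify_tcp_scan(tcp_header: bytes) -> Optional[str]:
    """Map a raw TCP header to one of the three scan types, or None."""
    if len(tcp_header) < 20:
        raise ValueError("truncated TCP header")
    # source port, destination port, sequence, ack, data offset, flags
    _, _, seq, _, _, flags = struct.unpack("!HHIIBB", tcp_header[:14])
    # Assumption: SYN and FIN together match regardless of other flags.
    if flags & SYN and flags & FIN:
        return "syn-fin-scan"
    if seq == 0 and flags == 0:
        return "null-scan"
    if seq == 0 and flags == (URG | PSH | FIN):
        return "xmas-scan"
    return None

def build_header(seq: int, flags: int, sport: int = 40000, dport: int = 80) -> bytes:
    """Constructed 20-byte header for the samples below (checksum left at 0)."""
    return struct.pack("!HHIIBBHHH", sport, dport, seq, 0, 5 << 4, flags, 1024, 0, 0)

# Constructed sample traffic, not a capture from a real network.
SAMPLES = [
    build_header(0, 0),                  # null scan
    build_header(0, SYN | FIN),          # SYN/FIN scan
    build_header(0, URG | PSH | FIN),    # xmas scan
    build_header(1000, SYN),             # ordinary connection attempt
    build_header(1001, ACK | PSH),       # ordinary data segment
    build_header(7, URG | PSH | FIN),    # same flags, non-zero sequence number
]

def tally(headers) -> Counter:
    """Count how many headers match each signature."""
    return Counter(filter(None, map(classify_tcp_scan, headers)))

if __name__ == "__main__":
    for name, count in sorted(tally(SAMPLES).items()):
        print(f"{name}: {count}")
```

The last sample is left unclassified because the manual's XMAS description includes a sequence number of 0.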

EXAMPLE

Console(config)#dos-protection tcp-scan
Console(config)#

show dos-protection

This command shows the configuration settings for the DoS protection commands.

COMMAND MODE

Privileged Exec
