Verifying the configuration – H3C Technologies H3C SecPath F1000-E User Manual

Verifying the configuration

After a scanning attack packet is received from zone Untrust, SecPath should output alarm logs and add the IP address of the attacker to the blacklist. You can select Intrusion Detection > Blacklist from the navigation tree to check whether the attacker's IP address is on the blacklist.

If a host in zone Trust initiates 100 or more connections, SecPath should output alarm logs and discard subsequent connection request packets from the host. You can select Intrusion Detection > Statistics from the navigation tree to view how many times the connection limit per source IP address has been exceeded and the number of packets dropped.

If the number of connections to the server in the DMZ reaches or exceeds 10000, SecPath should output alarm logs and discard subsequent connection request packets. You can select Intrusion Detection > Statistics from the navigation tree to view how many times the connection limit per destination IP address has been exceeded and the number of packets dropped.

If a SYN flood attack is launched against the DMZ, SecPath should output alarm logs and discard the attack packets. You can select Intrusion Detection > Statistics from the navigation tree to view the number of SYN flood attacks and the number of packets dropped.

