Brocade Communications Systems 12.4.00a Manual De Usuario
134
ServerIron ADX Security Guide
53-1002440-03
DDoS protection
5
Displaying security filter statistics
You can display security filter statistics as shown.
The counters shown for the show security filter-statistics command display the DDoS attack types
and the number of packets that have been counted, logged or dropped for each type.
and the number of packets that have been counted, logged or dropped for each type.
Syntax: show security filter-statistics
Address-sweep and port-scan logging
The ServerIron ADX provides a log message for address-sweep and port-scan. When the ServerIron
ADX detects either of these attacks, the SSM CPU will send a message to the MP indicating the
particular IP will be held down for the specified time interval.
ADX detects either of these attacks, the SSM CPU will send a message to the MP indicating the
particular IP will be held down for the specified time interval.
Log example:
Security: Address-sweep attack detected!Holdown 10.10.1.101 for 2 min
ServerIronADX# show security filter-statistics
Filter |Type |Log Cnt |Drop Cnt
dos-filter |icmp-type |0 |0
Cumulative Statistics
attack-type = log-count, drop-count
ip-options = 0, 0
icmp-type = 0, 0
address-sweep = 0, 0
port-scan = 0, 0
generic = 0, 0
filter-dns = 0, 0
Attack-type = Attack-count
ipv6-ext-header = 1201
icmpv6-type-All = 321
icmpv6-type-NS = 221
icmpv6-type -NA = 60
icmpv6-type-RS = 24
icmpv6-type-RA = 16
large-icmp = 0
unknown-ip-proto = 0
xmas-tree = 0
tcp-no-flags = 0
syn-fragments = 0
syn-and-fin-set = 0
deny-all-fragments = 0
fin-with-no-ack = 0
icmp-fragment = 0
land-attack = 0
ping-of-death = 0