Cisco Cisco SG500-52PP 52-port Gigabit Max PoE+ Stackable Managed Switch 技术参考
Denial of Service (DoS) Commands
290
OL-31486-02 Command Line Interface Reference Guide
11
Example
The following example sets the TCP SYN protection threshold to 40 pps.
switchxxxxxx(config)#
security-suite syn protection threshold 40
11.12 show security-suite configuration
To display the security-suite configuration, use the show security-suite
configuration
configuration
switchxxxxxx>
command.
Syntax
show security-suite configuration
Command Mode
User EXEC mode
Example
The following example displays the security-suite configuration.
switchxxxxxx#
show security-suite configuration
Security suite is enabled (Per interface rules are enabled).
Denial Of Service Protect: stacheldraht, invasor-trojan,
back-office-trojan.
Denial Of Service SYN-FIN Attack is enabled
Denial Of Service SYN Attack
Interface
-----------------
gi1/1/
1
IP Address
--------------
176.16.23.0\24
SYN Rate (pps)
--------------
100
Martian addresses filtering
Reserved addresses: enabled.
Configured addresses: 10.0.0.0/8, 192.168.0.0/16
SYN filtering
Interface
----------------
gi1/1/
2
IP Address
--------------
176.16.23.0\24
TCP port
--------------
FTP
ICMP filtering