Manualshelf

Configuration Guide User guide

ManualsBrandsBrocade ManualsComputer AccessoriesFastIron
1981198219831984198519861987198819891990
1926 FastIron Configuration Guide
53-1002494-02
TCP SYN attacks
Protecting against a blind injection attack
In a blind TCP injection attack, a perpetrator tries to inject or manipulate data in a TCP connection.
To reduce the chances of a blind injection attack, an additional check on all incoming TCP
segments is performed.
Displaying statistics about packets dropped
because of DoS attacks
To display information about ICMP and TCP SYN packets dropped because burst thresholds were
exceeded, enter the show statistics dos-attack command.
Syntax: show statistics dos-attack
To clear statistics about ICMP and TCP SYN packets dropped because burst thresholds were
exceeded, enter the clear statistics dos-attack command.
Brocade#clear statistics dos-attack
Syntax: clear statistics dos-attack
Brocade#show statistics dos-attack
---------------------------- Local Attack Statistics --------------------------
ICMP Drop Count ICMP Block Count SYN Drop Count SYN Block Count
--------------- ---------------- -------------- ---------------
0 0 0 0
--------------------------- Transit Attack Statistics -------------------------
Port ICMP Drop Count ICMP Block Count SYN Drop Count SYN Block Count
----- --------------- ---------------- -------------- ---------------
3/11 0 0 0 0