Manualshelf

HP VPN Firewall Appliances Attack Protection Command Reference

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
31323334353637383940
33
<Sysname> reset attack-defense statistics vd vdtest zone trust
Related commands
display attack-defense statistics zone
signature-detect
Use signature-detect to enable signature detection of a single-packet attack.
Use undo signature-detect to disable signature detection of a single-packet attack.
Syntax
signature-detect { fraggle | icmp-redirect | icmp-unreachable | land | large-icmp | route-record |
smurf | source-route | tcp-flag | tracert | winnuke } enable
undo signature-detect { fraggle | icmp-redirect | icmp-unreachable | land | large-icmp | route-record
| smurf | source-route | tcp-flag | tracert | winnuke } enable
Default
Signature detection of all type of attacks is disabled.
Views
Attack protection policy view
Default command level
2: System level
Parameters
fraggle: Specifies the Fraggle packet attack.
icmp-redirect: Specifies the ICMP redirect packet attack.
icmp-unreachable: Specifies the ICMP unreachable packet attack.
land: Specifies the Land packet attack.
large-icmp: Specifies the large ICMP packet attack.
route-record: Specifies the route record packet attack.
smurf: Specifies the Smurf packet attack.
source-route: Specifies the source route packet attack.
tcp-flag: Specifies the TCP flag packet attack.
tracert: Specifies the Tracert packet attack.
winnuke: Specifies the Winnuke packet attack.
Examples
# Enable signature detection of Fraggle attack in attack protection policy 1.
<Sysname> system-view
[Sysname] attack-defense policy 1
[Sysname-attack-defense-policy-1] signature-detect fraggle enable
Related commands
display attack-defense policy