Alcatel-Lucent 6600 Switch User Manual

Open as PDF

of 654

IP Configuration Configuring IP

page 14-16 OmniSwitch 6600 Family Network Configuration Guide April 2006

In the next minute, 10 more TCP and UDP closed port packets are received, along with 200 UDP open

port packets. This would bring the total penalty value to 4300, as shown with the following equation:

(100 previous minute value) + (10 TCP X 10 penalty) + (10 UDP X 10 penalty) +

(200 UDP X 20 penalty) = 4300

This value would be divided by 2 (due to decay) and decreased to 2150. The switch would record a port

scan and generate a trap to warn the administrator:

The above functions and how to set their values are covered in the sections that follow.

Setting Penalty Values

There are three types of traffic you can set a penalty value for:

• TCP/UDP packets bound for closed ports.

• TCP traffic bound for open ports.

• UDP traffic bound for open ports.

Each type has its own command used to assign a penalty value. Penalty values can be any non-negative

integer. Each time a packet is received that matches an assigned penalty, the total penalty value for the

switch is increased by the penalty value of the packet in question.

To assign a penalty value to TCP/UDP packets bound for a closed port, use the ip dos scan close-port-

penalty command with a penalty value. For example, to assign a penalty value of 10 to TCP/UDP packets

destined for closed ports, enter the following:

-> ip dos scan close-port-penalty 10

To assign a penalty value to TCP packets bound for an open port, use the ip dos scan tcp open-port-

penalty command with a penalty value. For example, to assign a penalty value of 10 to TCP packets

destined for opened ports, enter the following:

-> ip dos scan tcp open-port-penalty 10

To assign a penalty value to UDP packets bound for an open port, use the ip dos scan udp open-port-

penalty command with a penalty value. For example, to assign a penalty value of 10 to TCP/UDP packets

destined for closed ports, enter the following:

-> ip dos scan udp open-port-penalty 10

DoS Settings

UDP/TCP closed = 10

UDP open =20

TCP open = 5

Threshold = 2000

Decay = 3

Minute 2 Penalty Total = 2150

Generate DoS

Attack Warning

Trap

10 TCP closed port packets

10 UDP closed port packets

100 UDP open port packets

OmniSwitch 6648

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Alcatel-Lucent 6600 Switch User Manual