Security
Security command reference
iMG/RG Software Reference Manual (IPNetwork Functions)
4-94
The 'local_real_port' and 'duration' attributes of the waitingsession cannot be set once a
waitingsession has been created and enabled. To set these the waitingsession must be
disabled.
Options
The following table gives the range of values for each option that can be specified with
this command and a Default Value (if applicable).

Option          | Description                                                             | Default Value
name            | Name of the waitingsession                                              | N/A
local_real_port | Specify the TCP/UDP port on which the traffic reaches the router        | N/A
duration        | Optionally specify the duration after which not to expect this traffic  | N/A
Enabled         | Specify whether the waiting-session should be enabled                   | N/A
Disabled        | Specify whether the waiting-session should be disabled                  | N/A

Example
--> security set waitingsession yahoo-video localrealport 4000
4.2.7.1.40 SECURITY LIST WAITINGSESSIONS
Syntax
SECURITY LIST WAITINGSESSIONS
Description
This command lists Waiting Sessions that were added to the Security module using the
security add waitingsession command. It displays the following information about Waiting
Sessions:
Waiting Session Name
Interface Name
Local Real IP (IP-Address)
Local Remote IP (IP-Address)
Transport Number (prot)
Local Real Port
Local Map Port
enabled status (true/false)
Example
--> security list waitingsessions
Waiting Sessions:
                                                        | Local | Local |
Name       | Interface | Local Real IP | Remote IP | Prot | Real  | Map   | Enable
                                                        | Port  | Port  |
------------------------------------------------------------------------------------
yahoo-vi.. | ip0       | 192.168.1.1   | 0.0.0.0   | 17   | 5000  | 500   | true
------------------------------------------------------------------------------------
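The listing above is the format an operator audits waiting sessions from. As an added illustration (not code from the manual or from the router), the following parses that text table into records and flags entries worth confirming: an enabled session whose Remote IP is 0.0.0.0 (the manual shows this value when no remote host is given; treating it as "any remote host" is an assumption), an unexpected protocol number, and a name the listing has truncated. The second sample row is constructed; the first is the manual's own example.

```python
"""Parse the listing printed by 'security list waitingsessions' and flag
entries that deserve a second look.  Added illustration; the router does
not ship this code and the second sample row below is constructed."""
from dataclasses import dataclass

# Constructed sample modelled on the manual's example output: the first row
# is the manual's own, the second is made up to exercise the checks.
SAMPLE_LISTING = """\
Waiting Sessions:
                                                        | Local | Local |
Name       | Interface | Local Real IP | Remote IP | Prot | Real  | Map   | Enable
                                                        | Port  | Port  |
------------------------------------------------------------------------------------
yahoo-vi.. | ip0       | 192.168.1.1   | 0.0.0.0   | 17   | 5000  | 500   | true
sipphone   | wan       | 192.168.1.20  | 203.0.113.7 | 17 | 5060  | 5060  | false
------------------------------------------------------------------------------------
"""


@dataclass
class WaitingSession:
    name: str
    interface: str
    local_real_ip: str
    remote_ip: str
    protocol: int          # IP protocol number: 6 = TCP, 17 = UDP
    local_real_port: int   # port on which the traffic reaches the router
    local_map_port: int    # port on the local host it is redirected to
    enabled: bool


def parse_listing(text):
    """Return one WaitingSession per data row; header and ruler lines are skipped."""
    sessions = []
    for line in text.splitlines():
        fields = [f.strip() for f in line.split("|")]
        # Data rows have eight columns and a numeric protocol column; the
        # header line has 'Prot' there and the rulers contain no '|' at all.
        if len(fields) != 8 or not fields[4].isdigit():
            continue
        sessions.append(WaitingSession(
            name=fields[0], interface=fields[1], local_real_ip=fields[2],
            remote_ip=fields[3], protocol=int(fields[4]),
            local_real_port=int(fields[5]), local_map_port=int(fields[6]),
            enabled=fields[7].lower() == "true"))
    return sessions


def review(sessions):
    """Return (name, reason) pairs to check against the intended configuration."""
    findings = []
    for s in sessions:
        # Remote IP is optional when a waitingsession is added; the manual's
        # example shows 0.0.0.0 when none is given, which this check takes to
        # mean 'any remote host' (assumption).  An enabled session open to
        # any host is the one to confirm first.
        if s.enabled and s.remote_ip == "0.0.0.0":
            findings.append((s.name, "enabled and accepts traffic from any remote host"))
        if s.protocol not in (6, 17):
            findings.append((s.name, f"unexpected protocol number {s.protocol}"))
        # The listing truncates long names ('yahoo-vi..'); the full entry is
        # shown by 'security show waitingsession <name>'.
        if s.name.endswith(".."):
            findings.append((s.name, "name truncated in listing; inspect with security show waitingsession"))
    return findings


if __name__ == "__main__":
    for name, reason in review(parse_listing(SAMPLE_LISTING)):
        print(f"{name}: {reason}")
```

Run it against a captured listing instead of SAMPLE_LISTING to get the same report for a live unit; the column test on the protocol field is what keeps the two-line header and the rulers out of the parsed records.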
4.2.7.1.41 SECURITY SHOW WAITINGSESSION
Syntax
SECURITY SHOW WAITINGSESSION <name>
Description
This command displays information about a single waitingsession that was added to the
Security module using the security add waitingsession command. The following information
is displayed:
Waiting Session Name: Waiting Session Name.
Interface Name: Specify the external/dmz interface over which traffic is expected.
Local Real IP Address: Specify the IP address of the local host which is expecting this traffic.
Remote IP Address: Optionally specify the IP address of the remote host from which the
traffic is expected.
Protocol: The Protocol type - TCP/UDP.
Local Real Port: Specify the TCP/UDP port on which the traffic reaches the router.
Local Mapping Port: Specify the TCP/UDP port on the local host to which this traffic is to be
redirected.
Remote Port: The remote port from which this traffic is expected, or wildcard.
Duration: Optionally specify the duration after which not to expect this traffic.
Reusable: Specify whether the waiting-session should be enabled.
Enabled: Specify whether the waiting-session should be disabled.
Description: Comment provided to describe this particular traffic, if any.
Options
The following table gives the range of values for each option that can be specified with
this command and a Default Value (if applicable).

Option | Description                | Default Value
name   | Name of the waitingsession | N/A

Example
--> security show waitingsession yahoo-video
Waiting Session Name: yahoo-video
Interface Name: wan
Local Real IP Address: 192.168.0.1
Remote IP Address: 0.0.0.0
Protocol: 17
Local Real Port: 4000
Local Mapping Port: 500
Remote Port: 65535
Duration: 300
Reusable: true
Enabled: true
Description: whatisit
4.2.7.1.42 SECURITY ENABLE|DISABLE IDS
Syntax
SECURITY {enable | disable} IDS
Description
This command explicitly enables/disables IDS (Intrusion Detection Service). You must
enable IDS if you want to activate the settings specified in the security IDS commands.
If you disable IDS during a session, any configuration changes made when IDS was
enabled are not deleted - you can re-enable them later in the session.
Options
The following table gives the range of values for each option that can be specified with
this command and a Default Value (if applicable).

Option  | Description                                      | Default Value
enable  | Enables the IDS portion of the Security module.  | Disable
disable | Disables the IDS portion of the Security module. |

Example
--> security enable IDS
See also
SECURITY enable|disable
4.2.7.1.43 SECURITY ENABLE|DISABLE IDS BLACKLIST
Syntax
SECURITY enable|disable IDS blacklist
Description
This command enables support for the IDS blacklist (Intrusion Detection Setting).
Blacklisting denies an external host access to the system if IDS has detected an intrusion
from that host. Access to the network is denied for ten minutes.
Options
The following table gives the range of values for each option that can be specified with
this command and a Default Value (if applicable).

Option  | Description                                                                                | Default Value
enable  | Enables blacklisting of an external host if IDS has detected an intrusion from that host.  | Disable
disable | Disables blacklisting of an external host if IDS has detected an intrusion from that host. |

Example
--> security enable IDS blacklist
4.2.7.1.44 SECURITY CLEAR IDS BLACKLIST
Syntax
SECURITY CLEAR IDS BLACKLIST
Description
This command clears blacklisting of an external host. Blacklisting denies an external host
access to the system if IDS has detected an intrusion from that host. Access to the network
is denied for ten minutes, unless this command is used before this duration expires.
Example
--> security clear IDS blacklist
4.2.7.1.45 SECURITY ENABLE|DISABLE IDS VICTIMPROTECTION
Syntax
SECURITY enable|disable IDS victimprotection
Description
This command enables/disables the victim protection Intrusion Detection Setting (IDS).
This protects your system against broadcast pings. An attacker sends out a ping with a
broadcast destination address and a spoofed source address. Packets destined for the victim
of a spoofing attack are blocked for a specified duration (600 minutes by default).
Options
The following table gives the range of values for each option that can be specified with
this command and a Default Value (if applicable).

Option  | Description                                                                 | Default Value
enable  | Enables victim protection and blocks packets destined for the victim host.  | Disable
disable | Disables victim protection.                                                 |

Example
--> security enable IDS victimprotection
4.2.7.1.46 SECURITY SET IDS VICTIMPROTECTION
Syntax
SECURITY SET IDS VICTIMPROTECTION <duration>
Description
This command sets the duration of the victim protection Intrusion Detection Setting
(IDS). If victim protection is enabled, packets destined for the victim host of a spoofing
style attack are blocked. The command allows you to specify the duration of the block
time limit.
Options
The following table gives the range of values for each option that can be specified with
this command and a Default Value (if applicable).

Option   | Description                                                                                              | Default Value
duration | The length of time (in seconds) that packets destined for the victim of a spoofing style attack are blocked for. | 600 (10 minutes)

Example
--> security set IDS victimprotection 800
4.2.7.1.47 SECURITY SET IDS DOSATTACKBLOCK
Syntax
SECURITY SET IDS DOSATTACKBLOCK <duration>
Description
This command sets the DOS (Denial of Service) attack block duration Intrusion Detection
Setting (IDS). A DOS attack is an attempt by an attacker to prevent legitimate users
from using a service. If a DOS attack is detected, all suspicious hosts are blocked for a
set time limit. This command allows you to specify the duration of the block time limit.
Options
The following table gives the range of values for each option that can be specified with
this command and a Default Value (if applicable).

Option   | Description                                                                                             | Default Value
duration | The length of time (in seconds) that suspicious hosts are blocked for once a DOS attack attempt has been detected. | 1800 (30 minutes)

Example
--> security set IDS DOSattackblock 800
4.2.7.1.48 SECURITY SET IDS MALICIOUSATTACKBLOCK
Syntax
SECURITY SET IDS MALICIOUSATTACKBLOCK <duration>
Description
This command sets the malicious attack block duration Intrusion Detection Setting
(IDS). A malicious attack happens when a bad packet is sent which causes the networking
on certain systems to crash. For example, in a WinNuke attack the attacker sends TCP packets
to the NetBIOS port (135) with the URG bit set, which causes networking to be disabled on
Win 95/NT machines. If a malicious attack is detected, all suspicious source IPs are
blocked for a set time limit. This command allows you to specify the duration of the
block time limit.
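The IDS blacklist, victim protection and DOS attack block commands above all describe the same mechanism: a detection adds a host to a block table for a bounded time, the block only takes effect while IDS itself is enabled, the durations survive IDS being disabled, and the blacklist can be cleared before it expires. As an added illustration written for this reference (not the router's own code), the model below captures that behaviour with the manual's figures: ten minutes for the blacklist, 600 s for victimprotection and 1800 s for dosattackblock as listed in their option tables. Class and method names are this example's own, the clock is injectable so expiry can be shown without waiting, and the addresses in the demo are constructed.

```python
"""Model of the time-bounded blocking that the IDS commands configure.
Added illustration; not the router's implementation.  Durations come from
the manual: blacklist entries last ten minutes, victimprotection defaults
to 600 s and dosattackblock to 1800 s."""
import time

BLACKLIST_SECONDS = 600
DEFAULT_DURATIONS = {"victimprotection": 600, "dosattackblock": 1800}


class ManualClock:
    """Settable clock so expiry can be demonstrated without real waiting."""

    def __init__(self, start=0.0):
        self.t = float(start)

    def __call__(self):
        return self.t


class IdsBlockTable:
    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.ids_enabled = False               # security enable|disable IDS
        self.blacklist_enabled = False         # security enable|disable IDS blacklist
        self.victimprotection_enabled = False  # security enable|disable IDS victimprotection
        self.durations = dict(DEFAULT_DURATIONS)  # security set IDS <setting> <duration>
        self._blocks = {}                      # (kind, host) -> expiry timestamp

    def set_duration(self, setting, seconds):
        if setting not in self.durations or seconds <= 0:
            raise ValueError(f"unknown setting or bad duration: {setting}={seconds}")
        self.durations[setting] = seconds      # retained even while IDS is disabled

    def _block(self, kind, host, seconds):
        # IDS settings only take effect while IDS itself is enabled.
        if self.ids_enabled:
            self._blocks[(kind, host)] = self.clock() + seconds

    def intrusion_detected(self, host):
        if self.blacklist_enabled:
            self._block("blacklist", host, BLACKLIST_SECONDS)

    def dos_detected(self, suspicious_hosts):
        for host in suspicious_hosts:
            self._block("dosattackblock", host, self.durations["dosattackblock"])

    def spoofed_broadcast_ping(self, victim):
        # Victim protection blocks packets destined for the spoofed source.
        if self.victimprotection_enabled:
            self._block("victimprotection", victim, self.durations["victimprotection"])

    def clear_blacklist(self):
        """security clear IDS blacklist: lift blacklist blocks before they expire."""
        self._blocks = {k: v for k, v in self._blocks.items() if k[0] != "blacklist"}

    def is_blocked(self, host):
        now = self.clock()
        self._blocks = {k: v for k, v in self._blocks.items() if v > now}  # drop expired
        return any(h == host for (_, h) in self._blocks)


if __name__ == "__main__":
    clk = ManualClock()
    tbl = IdsBlockTable(clock=clk)
    tbl.ids_enabled = tbl.blacklist_enabled = True
    tbl.intrusion_detected("198.51.100.9")      # constructed address
    print("blocked now:", tbl.is_blocked("198.51.100.9"))
    clk.t = 600.0
    print("blocked after ten minutes:", tbl.is_blocked("198.51.100.9"))
```

The gate in _block is the point the manual makes in 4.2.7.1.42: enabling the blacklist or setting a duration does nothing on its own until IDS is enabled, while the configured durations are kept and come back into force when it is re-enabled.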
