User guide
Security Security command reference
iMG/RG Software Reference Manual (IPNetwork Functions)
4-98
style attack are blocked. The command allows you to specify the duration of the block
time limit.
Options The following table gives the range of values for each option that can be specified with
this command and a Default Value (if applicable).
Example --> security set IDS victimprotection 800
4.2.7.1.47 SECURITY SET IDS DOSATTACKBLOCK
Syntax SECURITY SET IDS DOSATTACKBLOCK <DURATION>
Description This command sets the DOS (Denial of Service) attack block duration Intrusion Detec-
tion Setting (IDS). A DOS attack is an attempt by an attacker to prevent legitimate users
from using a service. If a DOS attack is detected, all suspicious hosts are blocked for a
set time limit. This command allows you to specify the duration of the block time limit.
Options The following table gives the range of values for each option that can be specified with
this command and a Default Value (if applicable).
Example --> security set IDS DOSattackblock 800
4.2.7.1.48 SECURITY SET IDS MALICIOUSATTACKBLOCK
Syntax SECURITY SET IDS
MALICIOUSATTACKBLOCK <duration>
Description This command sets the malicious attack block duration Intrusion Detection Setting
(IDS). A malicious attack happens when a bad packet is sent which causes the networking
on certain systems to crash. For eg. In WinNuke attack, the attacker sends TCP packets
on port NetBIOS (135) with URG bit set, which causes networking to be disabled on
Win 95/NT machines. If a malicious attack is detected, all suspicious source IPs are
blocked for a set time limit. This command allows you to specify the duration of the
block time limit.
Option Description Default Value
duration The length of time (in seconds) that packets destined
for the victim of a spoofing style attack. are blocked for.
600
(10 minutes)
Option Description Default Value
duration The length of time (in seconds) that suspicious
hosts are blocked for once a DOS attack attempt
has been detected.
1800
(30 minutes)