User guide
Security command reference Security
4-101
iMG/RG Software Reference Manual (IPNetwork Functions)
4.2.7.1.52 SECURITY SET IDS SCANATTACKBLOCK
Syntax SECURITY SET IDS SCANATTACKBLOCK <DURATION>
Description This command allows you to set the scan attack block duration Intrusion Detection Set-
ting (IDS). If hosts are blocked for a set time limit, this command allows you to specify the
duration of the block time limit.
Options The following table gives the range of values for each option that can be specified with
this command and a Default Value (if applicable).
Example --> security set IDS SCANattackblock 43200
4.2.7.1.53 SECURITY SET IDS FLOODPERIOD
Syntax SECURITY SET IDS FLOODPERIOD <DURATION>
Description This command allows you to set the time limit during which suspected SYN floods are
counted. If the number of SYN floods counted within the specified duration is greater
than the threshold set by either SECURITY SET IDS FLOODTHRESHOLD OR SECU-
RITY SET IDS PORTFLOODTHRESHOLD, the suspected attacker is blocked for the
time limit specified in the command SECURITY SET IDS DOSATTACKBLOCK.
Options The following table gives the range of values for each option that can be specified with
this command and a Default Value (if applicable).
Example --> security set IDS floodperiod 60
4.2.7.1.54 SECURITY SET IDS FLOODTHRESHOLD
Syntax SECURITY SET IDS FLOODTHRESHOLD <MAX>
Description This command allows you to set the maximum number of SYN packets allowed before a
flood is detected. If the number of SYN packets counted within the time duration set by
the command SECURITY SET IDS FLOODPERIOD is greater than the maximum value
Option Description Default Value
duration The length of time (in seconds) that a suspicious
host is blocked for, after scan activity has been
detected.
86400 (one day)
Option Description Default Value
duration The length of time (in seconds) that suspected SYN
floods are counted for.
10