Reference Guide

3 Configuration commands Intrusion detection system commands
NN47928-107 47
ids spoof
IDS spoof detection can be activated for all IP interfaces, including eth0,
eth1, the PPP interface, vifX (VLAN), and VPN interfaces. IDS spoof
detection defines the IP interfaces as trusted or untrusted interfaces.
By default, IDS assumes the trust settings shown in Table 6.
IDS assumes that spoof attacks arrive from the WAN and by default assigns
untrusted status to WAN interfaces. This activates spoof detection for these
interfaces.
IDS assumes that LAN traffic is safe and the LAN is not a likely source of
spoof attacks. Therefore, by default, spoof protection is not needed on LAN
interfaces.
IDS assumes that a VPN secures its traffic from spoof attacks. VPN
interfaces are trusted.
This command changes IDS spoof detection on an IP interface.
Syntax
  config ids spoof [eth0|eth1|ppp0] type [trusted|untrusted]

Parameters
  name eth0|eth1|ppp0
    Specify the interface name.
  type trusted|untrusted
    Specify whether the interface is a trusted or untrusted interface.
    IDS checks for spoof attacks on untrusted interfaces only.

Example
  > config ids spoof eth1 type untrusted

Related commands
  display ids spoof
  show ids spoof
  clear ids attacks
  show ids attacks

Table 6: Default Trust Settings for Interfaces

  Interface    Trust Setting
  eth0         untrusted
  eth1         trusted
  WAN vifn     untrusted
  LAN vifn     trusted
  vpnn         trusted
  ppp0         untrusted
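
An added example, not part of the original guide: a Python audit that compares a hand-maintained interface inventory against the Table 6 defaults and, for interfaces covered by the documented syntax, produces the config ids spoof command that turns spoof detection back on. The inventory format, the vif/vpn name patterns, and the finding labels are assumptions made for illustration.

```python
import re

# Fixed defaults from Table 6. vifn and vpnn are handled by pattern below.
DEFAULTS = {"eth0": "untrusted", "eth1": "trusted", "ppp0": "untrusted"}
# Interface names the documented `config ids spoof` syntax accepts.
CONFIGURABLE = {"eth0", "eth1", "ppp0"}

# Constructed sample inventory (not device output): name, trust, optional side.
SAMPLE = """\
eth0 trusted        # WAN port moved off its default
eth1 untrusted      # same change as the page's example command
ppp0 untrusted
vif2 trusted wan    # WAN-side VLAN marked trusted
vif3 trusted lan
vpn1 trusted
"""

def default_trust(name, side=None):
    """Return the Table 6 default for an interface, or None if unknown."""
    if name in DEFAULTS:
        return DEFAULTS[name]
    if re.fullmatch(r"vpn\d+", name):       # assumed naming for vpnn
        return "trusted"
    if re.fullmatch(r"vif\d+", name):       # assumed naming for vifn
        return {"wan": "untrusted", "lan": "trusted"}.get(side)
    return None

def audit(inventory):
    """Return (interface, finding, command-or-None) for each deviation."""
    findings = []
    for raw in inventory.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue                         # blank or comment-only line
        name, trust = fields[0], fields[1]
        side = fields[2] if len(fields) > 2 else None
        expected = default_trust(name, side)
        if trust not in ("trusted", "untrusted") or expected is None:
            findings.append((name, "needs-manual-review", None))
        elif trust == "trusted" and expected == "untrusted":
            # Spoof checks run on untrusted interfaces only, so this is the risky case.
            cmd = (f"config ids spoof {name} type untrusted"
                   if name in CONFIGURABLE else None)
            findings.append((name, "spoof-detection-off", cmd))
        elif trust != expected:
            findings.append((name, "stricter-than-default", None))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Only the trusted-where-untrusted case yields a command; an interface set stricter than its default is reported but left alone, and vif interfaces get no command because the syntax above lists only eth0, eth1, and ppp0.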