[x]

Configuring attack detection and prevention > Displaying and maintaining attack detection and prevention

 

 Next

Displaying and maintaining attack detection and prevention

Use the display commands in any view and the reset commands in user view.

To display and maintain attack detection and prevention:

Task

Command

(In standalone mode.) Display attack detection and prevention statistics on an interface.

display attack-defense statistics interface interface-type interface-number [ slot slot-number ]

(In IRF mode.) Display attack detection and prevention statistics on an interface.

display attack-defense statistics interface interface-type interface-number [ chassis chassis-number slot slot-number ]

(In standalone mode.) Display attack detection and prevention statistics for the device.

display attack-defense statistics local [ slot slot-number ]

(In IRF mode.) Display attack detection and prevention statistics for the device.

display attack-defense statistics local [ chassis chassis-number slot slot-number ]

Display attack defense policy configuration.

display attack-defense policy [ policy-name ]

(In standalone mode.) Display information about IPv4 scanning attackers.

display attack-defense scan attacker ip [ interface interface-type interface-number [ slot slot-number ] | local [ slot slot-number ] ] [ count ]

(In IRF mode.) Display information about IPv4 scanning attackers.

display attack-defense scan attacker ip [ interface interface-type interface-number [ chassis chassis-number slot slot-number ] | local [ chassis chassis-number slot slot-number ] ] [ count ]

(In standalone mode.) Display information about IPv6 scanning attackers.

display attack-defense scan attacker ipv6 [ interface interface-type interface-number [ slot slot-number ] | local [ slot slot-number ] ] [ count ]

(In IRF mode.) Display information about IPv6 scanning attackers.

display attack-defense scan attacker ipv6 [ interface interface-type interface-number [ chassis chassis-number slot slot-number ] | local [ chassis chassis-number slot slot-number ] ] [ count ]

(In standalone mode.) Display information about IPv4 scanning attack victims.

display attack-defense scan victim ip [ interface interface-type interface-number [ slot slot-number ] | local [ slot slot-number ] ] [ count ]

(In IRF mode.) Display information about IPv4 scanning attack victims.

display attack-defense scan victim ip [ interface interface-type interface-number [ chassis chassis-number slot slot-number ] | local [ chassis chassis-number slot slot-number ] ] [ count ]

(In standalone mode.) Display information about IPv6 scanning attack victims.

display attack-defense scan victim ipv6 [ interface interface-type interface-number [ slot slot-number ] | local [ slot slot-number ] ] [ count ]

(In IRF mode.) Display information about IPv6 scanning attack victims.

display attack-defense scan victim ipv6 [ interface interface-type interface-number [ chassis chassis-number slot slot-number ] | local [ chassis chassis-number slot slot-number ] ] [ count ]

(In standalone mode.) Display flood attack detection and prevention statistics for an IPv4 address.

display attack-defense { ack-flood | dns-flood | fin-flood | flood | http-flood | icmp-flood | rst-flood | syn-ack-flood | syn-flood | udp-flood } statistics ip [ ip-address [ vpn vpn-instance-name ] ] [ interface interface-type interface-number [ slot slot-number ] | local [ slot slot-number ] ] [ count ]

(In IRF mode.) Display flood attack detection and prevention statistics for an IPv4 address.

display attack-defense { ack-flood | dns-flood | fin-flood | flood | http-flood | icmp-flood | rst-flood | syn-ack-flood | syn-flood | udp-flood } statistics ip [ ip-address [ vpn vpn-instance-name ] ] [ interface interface-type interface-number [ chassis chassis-number slot slot-number ] | local [ chassis chassis-number slot slot-number ] ] [ count ]

(In standalone mode.) Display flood attack detection and prevention statistics for an IPv6 address.

display attack-defense { ack-flood | dns-flood | fin-flood | flood | http-flood | icmpv6-flood | rst-flood | syn-ack-flood | syn-flood | udp-flood } statistics ipv6 [ ipv6-address [ vpn vpn-instance-name ] ] [ interface interface-type interface-number [ slot slot-number ] | local [ slot slot-number ] ] [ count ]

(In IRF mode.) Display flood attack detection and prevention statistics for an IPv6 address.

display attack-defense { ack-flood | dns-flood | fin-flood | flood | http-flood | icmpv6-flood | rst-flood | syn-ack-flood | syn-flood | udp-flood } statistics ipv6 [ ipv6-address [ vpn vpn-instance-name ] ] [ interface interface-type interface-number [ chassis chassis-number slot slot-number ] | local [ chassis chassis-number slot slot-number ] ] [ count ]

(In standalone mode.) Display information about IPv4 addresses protected by flood attack detection and prevention.

display attack-defense policy policy-name { ack-flood | dns-flood | fin-flood | flood | http-flood | icmp-flood | rst-flood | syn-ack-flood | syn-flood | udp-flood } ip [ ip-address [ vpn vpn-instance-name ] ] [ slot slot-number ] [ count ]

(In IRF mode.) Display information about IPv4 addresses protected by flood attack detection and prevention.

display attack-defense policy policy-name { ack-flood | dns-flood | fin-flood | flood | http-flood | icmp-flood | rst-flood | syn-ack-flood | syn-flood | udp-flood } ip [ ip-address [ vpn vpn-instance-name ] ] [ chassis chassis-number slot slot-number ] [ count ]

(In standalone mode.) Display information about IPv6 addresses protected by flood attack detection and prevention.

display attack-defense policy policy-name { ack-flood | dns-flood | fin-flood | flood | http-flood | icmpv6-flood | rst-flood | syn-ack-flood | syn-flood | udp-flood } ipv6 [ ipv6-address [ vpn vpn-instance-name ] ] [ slot slot-number ] [ count ]

(In IRF mode.) Display information about IPv6 addresses protected by flood attack detection and prevention.

display attack-defense policy policy-name { ack-flood | dns-flood | fin-flood | flood | http-flood | icmpv6-flood | rst-flood | syn-ack-flood | syn-flood | udp-flood } ipv6 [ ipv6-address [ vpn vpn-instance-name ] ] [ chassis chassis-number slot slot-number ] [ count ]

Display IPv4 blacklist entries.

display blacklist ip [ source-ip-address [ vpn-instance vpn-instance-name ] ] [ count ]

Display IPv6 blacklist entries.

display blacklist ipv6 [ source-ipv6-address [ vpn-instance vpn-instance-name ] ] [ count ]

Clear attack detection and prevention statistics for an interface.

reset attack-defense statistics interface interface-type interface-number

Clear attack detection and prevention statistics for the device.

reset attack-defense statistics local

Clear flood attack detection and prevention statistics.

reset attack-defense policy policy-name flood protected { ip | ipv6 } statistics

Clear dynamic IPv4 blacklist entries.

reset blacklist ip { source-ip-address [ vpn-instance vpn-instance-name ] | all }

Clear dynamic IPv6 blacklist entries.

reset blacklist ipv6 { source-ipv6-address [ vpn-instance vpn-instance-name ] | all }

Clear blacklist statistics.

reset blacklist statistics

prev

 

up

 next

Enabling the login delay 

home

 Attack detection and prevention configuration examples

© Copyright 2016 Hewlett Packard Enterprise Development LP