Ip Blacklist Configuration Example - HP FlexNetwork 10500 Series Security Configuration Manual
Hide thumbs
Also See for FlexNetwork 10500 Series:
- Configuration manual (512 pages) ,
- Specifications (42 pages) ,
- Datasheet (20 pages)
Table of Contents
Advertisement
UDP flood
ICMP flood
ICMPv6 flood
DNS flood
HTTP flood
Flood attack defense for protected IP addresses:
Address
10.1.1.2
# Verify that the attack detection and prevention takes effect on GigabitEthernet 1/0/2.
[Device] display attack-defense statistics interface gigabitethernet 1/0/2
Attack policy name: a1
Scan attack defense statistics:
AttackType
Port scan
IP sweep
Distribute port scan
Flood attack defense statistics:
AttackType
SYN flood
Signature attack defense statistics:
AttackType
Smurf
# Verify that the IPv4 blacklist feature collaborates with the scanning attack detection.
[Device] display blacklist ip
IP address
5.5.5.5
IP blacklist configuration example
Network requirements
As shown in
attacker Host D permanently and from Host C for 50 minutes.
Figure 141 Network diagram
Configuration procedure
# Configure IP addresses for the interfaces on the device. (Details not shown.)
# Enable the global blacklist feature.
1000(default)
1000(default)
1000(default)
1000(default)
1000(default)
VPN instance Flood type
--
VPN instance
--
Figure
141, configure the IP blacklist feature on the device to block packets from the
-
-
-
-
-
SYN-FLOOD
AttackTimes Dropped
2
0
3
0
1
0
AttackTimes Dropped
1
5000
AttackTimes Dropped
1
0
Type
TTL(sec) Dropped
Dynamic 600
353452
488
-
Disabled
-
Disabled
-
Disabled
53
Disabled
80
Disabled
Thres(pps) Actions Ports
5000
L,D
-
Advertisement
Table of Contents
Troubleshooting
