Support User Manuals

Enterasys Networks XSR CLI Router User Manual

Open as PDF

of 684

Security Clear and Show Commands

16-92 Configuring Security

show access-list log-update-threshold

ThiscommanddisplaysACLloginformation.Itisprocessedasfollows:

•ApacketwithafreshsourceIPaddressontheACLgroupisreportedimmediately.Datais

cachedtokeeptrackoftheoccurrencehappeningagaininthenearfuture.

•AllotherarrivalsofthepacketwithexistingsourceIPaddress

dataonthatACLgroupwill

incrementthenumberofpacketsand,afterfiveminutes,loganalarmwiththesumofpackets

gatheredinthelastfiveminutes.Thecountwillresetafterthealarmislogged.

•Forenabledthresholddata,ifthecountmatchesthethresholdthenthealarm

isloggedand

thecountreset.Otherpacketsreceivedafterthethresholdismetwillincrementthecount

untilthenextthresholdismetorfiveminuteshaveelapsed.

Syntax

show access-list log-update-threshold

Mode

PrivilegedEXECorGlobalconfiguration:XSR# or XSR(config)#

Sample Output

ThefollowingexampledisplaysasampleACLlog:

XSR#show access-list log-update-threshold

access-list log-update-threshold 10000

show hostdos

Thiscommanddisplaysenabledhostsecurityfeaturesandtheirstatistics.

Syntax

show hostdos

Mode

PrivilegedEXECorGlobalconfiguration:XSR# or XSR(config)#

Sample Output

Thefollowingexampledisplaysasamplehostsecurityconfigurationwithstatistics:

XSR#show hostdos

LANd Attack (Destination IP = Source IP}

Enabled

10 attacks

Spoofed Address Check

Enabled

0 attacks

previous next