Home » TP-Link Manuals » Hubs & Switches » TP-Link T1600G-18TSTL-SG2216 » Manual Viewer

TP-Link T1600G-18TSTL-SG2216 T1600G-18TSUN V1 CLI Reference Guide Guide - Page 110

Enable the DoS Defend Type named Land attack

View all TP-Link T1600G-18TSTL-SG2216 manuals

Add to My Manuals
Save this manual to your list of manuals

Page 110 highlights

IP address of the SYN packet are set to be the IP address of the host, the host will be trapped in an endless circle of building the initial connection. scan-synfin --The attacker sends the packet with its SYN field and the FIN field set to 1. The SYN field is used to request initial connection whereas the FIN field is used to request disconnection. Therefore, the packet of this type is illegal. xma-scan --The attacker sends the illegal packet with its TCP index, FIN, URG and PSH field set to 1. null-scan --The attacker sends the illegal packet with its TCP index and all the control fields set to 0. During the TCP connection and data transmission, the packets with all control fields set to 0 are considered illegal. port-less-1024 --The attacker sends the illegal packet with its TCP SYN field set to 1 and source port smaller than 1024. blat --The attacker sends the illegal packet with the same source port and destination port on Layer 4 and with its URG field set to 1. Similar to the Land Attack, the system performance of the attacked host is reduced because the Host circularly attempts to build a connection with the attacker. ping-flood --The attacker floods the destination system with Ping packets, creating a broadcast storm that makes it impossible for the system to respond to legal communication. syn-flood --The attacker uses a fake IP address to send TCP request packets to the server. Upon receiving the request packets, the server responds with SYN-ACK packets. Since the IP address is fake, no response will be returned. The server will keep on sending SYN-ACK packets. If the attacker sends overflowing fake request packets, the network resource will be occupied maliciously and the requests of the legal clients will be denied. win-nuke --Because the Operation System with bugs cannot correctly process the URG (Urgent Pointer) of TCP packets, the attacker sends this type of packets to the TCP port139 (NetBIOS) of the host with the Operation System bugs, which will cause the host with a blue screen. Command Mode Global Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Enable the DoS Defend Type named Land attack: 93

Section	Page
Preface	18
Chapter 1 Using the CLI	21
1.1 Accessing the CLI	21
1.1.1 Logon by Telnet	21
1.1.2 Logon by SSH	22
1.2 CLI Command Modes	27
1.3 Privilege Restrictions	30
1.4 Conventions	30
1.4.1 Format Conventions	30
1.4.2 Special Characters	31
1.4.3 Parameter Format	31
Chapter 2 User Interface	32
2.1 enable	32
2.2 service password-encryption	32
2.3 enable password	33
2.4 enable secret	34
2.5 configure	35
2.6 exit	36
2.7 end	36
2.8 history	37
2.9 history clear	37
Chapter 3 IEEE 802.1Q VLAN Commands	39
3.1 vlan	39
3.2 interface vlan	40
3.3 name	40
3.4 switchport general allowed vlan	41
3.5 switchport pvid	42
3.6 show vlan summary	42
3.7 show vlan brief	43
3.8 show vlan	43
3.9 show interface switchport	44
Chapter 4 MAC-based VLAN Commands	45
4.1 mac-vlan mac-address	45
4.2 mac-vlan	46
4.3 show mac-vlan	46
4.4 show mac-vlan interface	47
Chapter 5 Protocol-based VLAN Commands	48
5.1 protocol-vlan template (For T1600G-18TS only)	48
5.2 protocol-vlan template (For other switches)	49
5.3 protocol-vlan vlan	50
5.4 protocol-vlan group	50
5.5 show protocol-vlan template	51
5.6 show protocol-vlan vlan	52
Chapter 6 Voice VLAN Commands	53
6.1 voice vlan	53
6.2 voice vlan aging	53
6.3 voice vlan priority	54
6.4 voice vlan mac-address	55
6.5 switchport voice vlan mode	56
6.6 switchport voice vlan security	56
6.7 show voice vlan	57
6.8 show voice vlan oui	57
6.9 show voice vlan switchport	58
Chapter 7 Etherchannel Commands	59
7.1 channel-group	59
7.2 port-channel load-balance	60
7.3 lacp system-priority	61
7.4 lacp port-priority	62
7.5 show etherchannel	62
7.6 show etherchannel load-balance	63
7.7 show lacp	64
7.8 show lacp sys-id	64
Chapter 8 User Management Commands	66
8.1 user name (password)	66
8.2 user name (secret)	67
8.3 user access-control ip-based	68
8.4 user access-control mac-based	69
8.5 user access-control port-based	70
8.6 telnet	71
8.7 show user account-list	71
8.8 show user configuration	72
8.9 show telnet-status	72
Chapter 9 HTTP and HTTPS Commands	74
9.1 ip http server	74
9.2 ip http max-users (For T1600G-18TS only)	75
9.3 ip http max-users (For other switches)	76
9.4 ip http session timeout	76
9.5 ip http secure-server	77
9.6 ip http secure-protocol	78
9.7 ip http secure-ciphersuite	78
9.8 ip http secure-max-users (For T1600G-18TS only)	79
9.9 ip http secure-max-users (For other switches)	80
9.10 ip http secure-session timeout	81
9.11 ip http secure-server download certificate	82
9.12 ip http secure-server download key	83
9.13 show ip http configuration	84
9.14 show ip http secure-server	84
Chapter 10 ARP Commands	85
10.1 arp	85
10.2 clear arp-cache	86
10.3 arp timeout	86
10.4 show arp	87
10.5 show ip arp (interface)	87
10.6 show ip arp summary	88
Chapter 11 Binding Table Commands	89
11.1 ip source binding	89
11.2 ip dhcp snooping	90
11.3 ip dhcp snooping vlan	91
11.4 ip dhcp snooping information option	92
11.5 ip dhcp snooping information strategy	92
11.6 ip dhcp snooping information remote-id	93
11.7 ip dhcp snooping information circuit-id	94
11.8 ip dhcp snooping trust	95
11.9 ip dhcp snooping mac-verify	95
11.10 ip dhcp snooping limit rate	96
11.11 ip dhcp snooping decline rate	97
11.12 show ip source binding	98
11.13 show ip dhcp snooping	98
11.14 show ip dhcp snooping interface	99
11.15 show ip dhcp snooping information interface	99
Chapter 12 ARP Inspection Commands	101
12.1 ip arp inspection(global)	101
12.2 ip arp inspection trust	101
12.3 ip arp inspection(interface)	102
12.4 ip arp inspection limit-rate	103
12.5 ip arp inspection recover	104
12.6 show ip arp inspection	104
12.7 show ip arp inspection interface	105
12.8 show ip arp inspection statistics	105
12.9 clear ip arp inspection statistics	106
Chapter 13 DoS Defend Commands	107
13.1 ip dos-prevent	107
13.2 ip dos-prevent type (For T1600G-18TS only)	107
13.3 ip dos-prevent type (For other switches)	109
13.4 show ip dos-prevent	111
Chapter 14 IEEE 802.1X Commands	112
14.1 dot1x system-auth-control	112
14.2 dot1x handshake	113
14.3 dot1x auth-method	113
14.4 dot1x accounting	114
14.5 dot1x guest-vlan(global)	115
14.6 dot1x quiet-period	115
14.7 dot1x timeout supplicant-timeout	116
14.8 dot1x max-reauth-req	117
14.9 dot1x	118
14.10 dot1x guest-vlan(interface)	118
14.11 dot1x port-control	119
14.12 dot1x port-method	120
14.13 show dot1x global	121
14.14 show dot1x interface	121
Chapter 15 System Log Commands	123
15.1 logging buffer	123
15.2 logging buffer level	123
15.3 logging file flash	124
15.4 logging file flash frequency	125
15.5 logging file flash level	126
15.6 logging host index	126
15.7 logging monitor	127
15.8 logging monitor level	128
15.9 clear logging	129
15.10 show logging local-config	129
15.11 show logging loghost	130
15.12 show logging buffer	130
15.13 show logging flash	131
Chapter 16 SSH Commands	132
16.1 ip ssh server	132
16.2 ip ssh version	132
16.3 ip ssh algorithm	133
16.4 ip ssh timeout	134
16.5 ip ssh max-client	134
16.6 ip ssh download	135
16.7 remove public-key	136
16.8 show ip ssh	136
Chapter 17 MAC Address Commands	138
17.1 mac address-table static	138
17.2 mac address-table aging-time	139
17.3 mac address-table filtering	139
17.4 mac address-table notification	140
17.5 mac address-table max-mac-count	141
17.6 mac address-table notification (interface)	142
17.7 mac address-table security	143
17.8 show mac address-table	144
17.9 clear mac address-table	145
17.10 show mac address-table aging-time	145
17.11 show mac address-table max-mac-count	146
17.12 show mac address-table interface	146
17.13 show mac address-table count	147
17.14 show mac address-table address	148
17.15 show mac address-table vlan	148
17.16 show mac address-table notification	149
17.17 show mac address-table security	149
Chapter 18 System Configuration Commands	151
18.1 system-time manual	151
18.2 system-time ntp	151
18.3 system-time dst predefined	153
18.4 system-time dst date	154
18.5 system-time dst recurring	155
18.6 hostname	156
18.7 location	157
18.8 contact-info	157
18.9 ip address	158
18.10 ip address-alloc	159
18.11 reset	160
18.12 reboot	160
18.13 reboot-schedule	161
18.14 copy running-config startup-config	162
18.15 copy startup-config tftp	162
18.16 copy tftp startup-config	163
18.17 boot application	164
18.18 remove backup-image	164
18.19 firmware upgrade	165
18.20 ping	166
18.21 tracert	167
18.22 show system-info	168
18.23 show image-info	168
18.24 show boot	169
18.25 show running-config	169
18.26 show startup-config	170
18.27 show system-time	170
18.28 show system-time dst	171
18.29 show system-time ntp	171
18.30 show cable-diagnostics interface gigabitEthernet	172
18.31 show cpu-utilization	172
18.32 show memory-utilization	173
Chapter 19 IPv6 Address Configuration Commands	174
19.1 ipv6 enable	174
19.2 ipv6 address autoconfig	174
19.3 ipv6 address link-local	175
19.4 ipv6 address dhcp	176
19.5 ipv6 address ra	176
19.6 ipv6 address eui-64	177
19.7 ipv6 address	178
19.8 show ipv6 interface	179
Chapter 20 Ethernet Configuration Commands	180
20.1 interface gigabitEthernet	180
20.2 interface range gigabitEthernet	180
20.3 description	181
20.4 shutdown	182
20.5 flow-control	183
20.6 duplex	183
20.7 jumbo	184
20.8 jumbo-size	184
20.9 speed	185
20.10 storm-control pps	186
20.11 storm-control (For T1600G-18TS only)	186
20.12 storm-control (For other switches)	187
20.13 bandwidth	188
20.14 clear counters	189
20.15 show interface status	190
20.16 show interface counters	190
20.17 show interface configuration	191
20.18 show storm-control	192
20.19 show bandwidth	192
Chapter 21 QoS Commands	194
21.1 qos (For T1600G-18TS only)	194
21.2 qos (For other switches)	195
21.3 qos cos	195
21.4 qos dscp	196
21.5 qos queue cos-map	197
21.6 qos queue dscp-map (For T1600G-18TS only)	198
21.7 qos queue dscp-map (For other switches)	199
21.8 qos queue mode	200
21.9 qos queue weight	201
21.10 show qos interface	202
21.11 show qos cos-map	203
21.12 show qos dscp-map	203
21.13 show qos queue mode	204
21.14 show qos status	204
Chapter 22 Port Mirror Commands	205
22.1 monitor session destination interface	205
22.2 monitor session source interface	206
22.3 show monitor session	207
Chapter 23 Port Isolation Commands	208
23.1 port isolation	208
23.2 show port isolation interface	209
Chapter 24 Loopback Detection Commands	210
24.1 loopback-detection (global)	210
24.2 loopback-detection interval	210
24.3 loopback-detection recovery-time	211
24.4 loopback-detection (interface)	212
24.5 loopback-detection config	212
24.6 loopback-detection recover	213
24.7 show loopback-detection global	214
24.8 show loopback-detection interface	214
Chapter 25 ACL Commands	216
25.1 access-list create	216
25.2 mac access-list	216
25.3 access-list standard	217
25.4 access-list extended	218
25.5 access-list ipv6	219
25.6 rule	221
25.7 access-list policy name	222
25.8 access-list policy action	222
25.9 access-list bind acl(interface)	223
25.10 access-list bind acl(vlan)	223
25.11 access-list bind(interface)	224
25.12 access-list bind(vlan)	225
25.13 show access-list	225
25.14 show access-list policy	226
25.15 show access-list bind	226
Chapter 26 MSTP Commands	227
26.1 debug spanning-tree	227
26.2 spanning-tree (global)	228
26.3 spanning-tree (interface)	228
26.4 spanning-tree common-config	229
26.5 spanning-tree mode	230
26.6 spanning-tree mst configuration	231
26.7 instance	231
26.8 name	232
26.9 revision	233
26.10 spanning-tree mst instance	234
26.11 spanning-tree mst	234
26.12 spanning-tree priority	235
26.13 spanning-tree timer	236
26.14 spanning-tree hold-count	237
26.15 spanning-tree max-hops	237
26.16 spanning-tree bpdufilter	238
26.17 spanning-tree bpduguard	239
26.18 spanning-tree guard loop	239
26.19 spanning-tree guard root	240
26.20 spanning-tree guard tc	241
26.21 spanning-tree mcheck	241
26.22 show spanning-tree active	242
26.23 show spanning-tree bridge	242
26.24 show spanning-tree interface	243
26.25 show spanning-tree interface-security	244
26.26 show spanning-tree mst	244
Chapter 27 IGMP Snooping Commands	246
27.1 ip igmp snooping (global)	246
27.2 ip igmp snooping (interface)	246
27.3 ip igmp snooping rtime	247
27.4 ip igmp snooping mtime	248
27.5 ip igmp snooping report-suppression	248
27.6 ip igmp snooping immediate-leave	249
27.7 ip igmp snooping drop-unknown	249
27.8 ip igmp snooping last-listener query-inteval	250
27.9 ip igmp snooping last-listener query-count	251
27.10 ip igmp snooping vlan-config	251
27.11 ip igmp snooping vlan-config (router-port-forbidden)	253
27.12 ip igmp snooping multi-vlan-config	254
27.13 ip igmp snooping multi-vlan-config (router-port-forbidden)	255
27.14 ip igmp snooping multi-vlan-config (source-ip-replace)	256
27.15 ip igmp snooping querier vlan	256
27.16 ip igmp snooping querier vlan (general query)	257
27.17 ip igmp snooping max-groups	258
27.18 ip igmp snooping authentication	259
27.19 ip igmp snooping accounting	260
27.20 ip igmp profile	260
27.21 deny	261
27.22 permit	262
27.23 range	262
27.24 ip igmp filter	263
27.25 clear ip igmp snooping statistics	263
27.26 show ip igmp snooping	264
27.27 show ip igmp snooping interface	264
27.28 show ip igmp snooping vlan	265
27.29 show ip igmp snooping multi-vlan	266
27.30 show ip igmp snooping groups	266
27.31 show ip igmp snooping querier	267
27.32 show ip igmp profile	268
Chapter 28 MLD Snooping Commands	269
28.1 ipv6 mld snooping (global)	269
28.2 ipv6 mld snooping (interface)	269
28.3 ipv6 mld snooping rtime	270
28.4 ipv6 mld snooping mtime	270
28.5 ipv6 mld snooping report-suppression	271
28.6 ipv6 mld snooping immediate-leave	272
28.7 ipv6 mld snooping drop-unknown	272
28.8 ipv6 mld snooping last-listener query-inteval	273
28.9 ipv6 mld snooping last-listener query-count	273
28.10 ipv6 mld snooping vlan-config	274
28.11 ip mld snooping vlan-config (router-port-forbidden)	275
28.12 ipv6 mld snooping multi-vlan-config	276
28.13 ipv6 mld snooping multi-vlan-config (router-port-forbidden)	277
28.14 ipv6 mld snooping multi-vlan-config (source-ip-replace)	278
28.15 ipv6 mld snooping querier vlan	279
28.16 ipv6 mld snooping querier vlan (general query)	279
28.17 ipv6 mld snooping max-groups	280
28.18 ipv6 mld profile	282
28.19 deny	282
28.20 permit	283
28.21 range	283
28.22 ipv6 mld filter	284
28.23 clear ipv6 mld snooping statistics	284
28.24 show ipv6 mld snooping	285
28.25 show ipv6 mld snooping interface	285
28.26 show ipv6 mld snooping vlan	286
28.27 show ipv6 mld snooping multi-vlan	287
28.28 show ipv6 mld snooping groups	287
28.29 show ipv6 mld snooping querier	288
28.30 show ipv6 mld profile	288
Chapter 29 SNMP Commands	290
29.1 snmp-server	290
29.2 snmp-server view	290
29.3 snmp-server group	291
29.4 snmp-server user	293
29.5 snmp-server community	294
29.6 snmp-server host	295
29.7 snmp-server engineID	297
29.8 snmp-server traps snmp	297
29.9 snmp-server traps link-status	298
29.10 snmp-server traps	299
29.11 snmp-server traps vlan	300
29.12 rmon history	301
29.13 rmon event	302
29.14 rmon alarm	303
29.15 rmon statistics	305
29.16 show snmp-server	305
29.17 show snmp-server view	306
29.18 show snmp-server group	306
29.19 show snmp-server user	307
29.20 show snmp-server community	307
29.21 show snmp-server host	308
29.22 show snmp-server engineID	308
29.23 show rmon history	309
29.24 show rmon event	309
29.25 show rmon alarm	310
29.26 show rmon statistics	310
Chapter 30 LLDP Commands	312
30.1 lldp	312
30.2 lldp hold-multiplier	312
30.3 lldp timer	313
30.4 lldp receive	314
30.5 lldp transmit	315
30.6 lldp snmp-trap	315
30.7 lldp tlv-select	316
30.8 lldp management address	317
30.9 lldp med-fast-count	317
30.10 lldp med-status	318
30.11 lldp med-tlv-select	319
30.12 lldp med-location	319
30.13 show lldp	320
30.14 show lldp interface	321
30.15 show lldp local-information interface	321
30.16 show lldp neighbor-information interface	322
30.17 show lldp traffic interface	322
Chapter 31 Static Routes Commands	324
31.1 interface vlan	324
31.2 interface loopback	324
31.3 switchport	325
31.4 interface range port-channel	326
31.5 description	326
31.6 shutdown	327
31.7 interface port-channel	328
31.8 ip route	328
31.9 ipv6 routing	329
31.10 ipv6 route	330
31.11 show interface vlan	330
31.12 show ip interface	331
31.13 show ip interface brief	332
31.14 show ip route	332
31.15 show ip route specify	333
31.16 show ip route summary	334
31.17 show ipv6 interface	334
31.18 show ipv6 route	335
31.19 show ipv6 route summary	335
Chapter 32 SDM Template Commands	337
32.1 sdm prefer	337
32.2 show sdm prefer	338
Chapter 33 AAA Commands	339
33.1 aaa enable	339
33.2 tacacas-server host	340
33.3 show tacacs-server	341
33.4 radius-server host	341
33.5 show radius-server	343
33.6 aaa group	343
33.7 server	344
33.8 show aaa group	345
33.9 aaa authentication login	345
33.10 aaa authentication enable	346
33.11 aaa authentication dot1x default	347
33.12 aaa accounting dot1x default	348
33.13 show aaa authentication	349
33.14 show aaa accounting	349
33.15 line telnet	350
33.16 login authentication (telnet)	350
33.17 line ssh	351
33.18 login authentication (ssh)	351
33.19 enable authentication (telnet)	352
33.20 enable authentication (ssh)	353
33.21 ip http login authentication	354
33.22 ip http enable authentication	354
33.23 show aaa global	355
Chapter 34 DHCP Relay Commands	356
34.1 service dhcp relay	356
34.2 ip helper-address	356
34.3 ip dhcp relay information	357
34.4 ip dhcp relay information policy	358
34.5 ip dhcp relay information custom	358
34.6 ip dhcp relay information circuit-id	359
34.7 ip dhcp relay information remote-id	360
34.8 ip dhcp relay default-interface	360
34.9 ip dhcp relay vlan	361
34.10 show ip dhcp relay	362
Chapter 35 PoE Commands	363
35.1 power inline consumption (global)	363
35.2 power inline disconnect-method	363
35.3 power profile	364
35.4 power time-range	365
35.5 power holiday	366
35.6 absolute	367
35.7 periodic	367
35.8 holiday	368
35.9 power inline consumption (interface)	369
35.10 power inline priority	370
35.11 power inline supply	370
35.12 power inline profile	371
35.13 power inline time-range	372
35.14 show power inline	372
35.15 show power inline configuration interface	373

Match case Limit results 1 per page

IP address of the SYN packet are set to be the IP address of the host, the

host will be trapped in an endless circle of building the initial connection.

scan-synfin ——The attacker sends the packet with its SYN field and the FIN

field set to 1. The SYN field is used to request initial connection whereas the

FIN field is used to request disconnection. Therefore, the packet of this type

is illegal.

xma-scan ——The attacker sends the illegal packet with its TCP index, FIN,

URG and PSH field set to 1.

null-scan ——The attacker sends the illegal packet with its TCP index and all

the control fields set to 0. During the TCP connection and data transmission,

the packets with all control fields set to 0 are considered illegal.

port-less-1024 ——The attacker sends the illegal packet with its TCP SYN

field set to 1 and source port smaller than 1024.

blat ——The attacker sends the illegal packet with the same source port and

destination port on Layer 4 and with its URG field set to 1. Similar to the Land

Attack, the system performance of the attacked host is reduced because the

Host circularly attempts to build a connection with the attacker.

ping-flood ——The attacker floods the destination system with Ping packets,

creating a broadcast storm that makes it impossible for the system to

respond to legal communication.

syn-flood ——The attacker uses a fake IP address to send TCP request

packets to the server. Upon receiving the request packets, the server

responds with SYN-ACK packets. Since the IP address is fake, no response

will be returned. The server will keep on sending SYN-ACK packets. If the

attacker sends overflowing fake request packets, the network resource will

be occupied maliciously and the requests of the legal clients will be denied.

win-nuke ——Because the Operation System with bugs cannot correctly

process the URG (Urgent Pointer) of TCP packets, the attacker sends this

type of packets to the TCP port139 (NetBIOS) of the host with the Operation

System bugs, which will cause the host with a blue screen

Command Mode

Global Configuration Mode

Privilege Requirement

Only Admin, Operator and Power User level users have access to these

commands.

Example

Enable the DoS Defend Type named Land attack: