Chapter 24: Denial of Service (DoS) Commands
368
SET DOSSyntax
set dos ipaddress=ipaddress subnet=mask
uplinkport=port
Parameters
ipaddress Specifies the IP address of one of the devices
connected to the switch, preferably the lowest IP
address.
subnet Specifies the subnet mask of the LAN. A binary “1”
indicates the switch should filter on the
corresponding bit of the address, while a “0”
indicates that it should not.
uplinkport Specifies the port on the switch that is connected to
a device (e.g., DSL router) that leads outside the
network. You can specify only one port. This
parameter is required for the Land defense. The
default is the highest numbered existing port in the
switch. For example, the default uplink port for an
AT-8500 Series switch with no installed expansion
modules would be Port 24.
Description
This command is required for the SMURF and Land defenses. The SMURF
defense uses the LAN address and mask to determine the broadcast
address of your network. The Land defense uses this information to
determine which traffic is local and which is remote to your network.
Here is an example. Let’s assume that the devices connected to a switch
are using the IP address range 149.11.11.1 to 149.11.11.50. The IP
address would be 149.11.11.1 and the mask would be 0.0.0.63.
Examples
The following command sets the IP address to 149.11.11.1 and the mask
to 0.0.0.63:
set dos ipaddress=149.11.11.1 subnet=0.0.0.63
The following command sets the IP address to 149.22.22.1, the mask to
0.0.0.255, and the uplink port for the Land defense to port 21:
set dos ipaddress=149.22.22.1 subnet=0.0.0.255
uplinkport=21