122 ServerIron ADX Security Guide
53-1002440-03

Configuring Syn-Proxy

5
Displaying TCP Attack Information

The show server tcp-attack command displays attack information for connection rates counters.

Syntax: show server tcp-attack [debug | fast-path]

Displaying Server Traffic information

The show server traffic command displays four counters that help to analyze incoming traffic and

determine the DOS attack occurrence. Be sure to issue show L4-traffic from the SSM CPU (not the

MP).

ServerIronADX# show server tcp-attack
Connection counters:
Current conn rate = 0 Max conn rate = 1
Attack counters:
Current attack rate = 0 Max attack rate = 0
Client-side counters:
SYN rcvd = 6 SYN-ACK sent = 6
Valid ACKs rcvd = 3 Invalid ACKs rcvd = 33
Client pkt rcvd = 15 Data pkt stored = 3
ACK without data dropp = 0
Destination-side counters:
SYN sent = 3 SYN-ACK rcvd = 3
Duplicate SYN sent = 0 Duplicate SYN-ACK rcvd = 0
Server pkt rcvd = 21 Stored pkt sent = 0
ServerIronADX# show server traffic
Client->Server = 3760614467 Server->Client = 2169558899
Drops = 0 Aged = 17568293
Fw_drops = 0 Rev_drops = 0
FIN_or_RST = 169210866 old-conn = 0
Disable_drop = 0 Exceed_drop = 0
Stale_drop = 9 Unsuccessful = 0
SYN def/proxy RST = 0 Server Resets = 0
Out of Memory = 0 Out of Memory = 0
last conn rate = 0 max conn rate = 16283
last TCP attack rate = 0 max TCP attack rate = 0
fast vport found = 0 fast vport n found = 477
Fwd to non-static FI = 0 Dup stale SYN = 0
TCP forward FIN = 0 TCP reverse FIN = 0
Fast path FWD FIN = 0 Fast path REV FIN = 0
Fast path SLB SYN = 0 Dup SYN after FIN = 0
Duplicate SYN = 0 Duplicate sessions = 0
TCP ttl FIN recvd = 0 TCP ttl reset recvd = 0
Sessions in DEL_Q = 0 Sess force deleted = 0
Fwd sess not found = 0 sess already in delQ = 0
Sess rmvd from delQ = 0
New sess sync sent = 0 New sess sync recvd = 0
TCP SYN received = 0 TCP SYN dropped = 0
TCP SYN to MP = 0 TCP SYN ACK to MP = 0
TCP SYN ACK received = 0 TCP SYN ACK dropped = 0
TCP pkt received = 0 TCP pkt dropped = 0
TCP pkt to MP = 0
Dropped VIP pings = 0