| Chapter 22 IDP Commands | |
|
|
|
Table 83 Editing/Creating IDP Signature Profiles (continued) | ||
COMMAND | DESCRIPTION |
|
signature sid action {drop | Sets an action for an IDP signature |
|
|
| |
no signature sid action | Deactivates an action for an IDP signature. |
|
show idp profile signature sid details | Shows signature ID details of the specified |
|
| profile. |
|
show idp profile signature {all custom- | Shows the signature details of the specified |
|
signature} details | profile. |
|
22.3.4 Editing/Creating Anomaly Profiles
Use these commands to create a new anomaly profile or edit an existing one. It is recommended you use the web configurator to create/edit profiles. If you do not specify a base profile, the default base profile is none.
You CANNOT change the base profile later!
Table 84 Editing/Creating Anomaly Profiles
COMMAND | DESCRIPTION |
idp anomaly newpro [base {all none}] | Creates a new IDP anomaly profile called |
| newpro. newpro uses the base profile you |
| specify. Enters |
| following commands relate to the new profile. |
| Use exit to quit |
Sets | |
high} |
|
no | Clears |
| sensitivity is medium. |
Sets for how many seconds the NXC blocks all | |
| packets from being sent to the victim |
| (destination) of a detected anomaly attack. |
|
|
[no] | Activates TCP scan detection options where |
[alert] block} | |
| |
| |
| |
| portsweep}. Also sets TCP |
| or alerts and blocking. no deactivates TCP |
| scan detection, its logs, alerts or blocking. |
[no] | Activates or deactivates UDP scan detection |
[alert] block} | options where |
| |
| |
| |
| |
| Also sets UDP |
| and blocking. no deactivates UDP scan |
| detection, its logs, alerts or blocking. |
| 149 |
NXC CLI Reference Guide | |
|
|