ZyXEL Communications ZYWALL 1050 - V2.00 EDITION 1 Betriebsanweisung Seite 187
- Seite / 386
- Inhaltsverzeichnis
- LESEZEICHEN
Bewertet. / 5. Basierend auf Kundenbewertungen
Chapter 21 IDP Commands
ZyWALL (ZLD) CLI Reference Guide
187
21.3.4 Editing/Creating Anomaly Profiles
Use these commands to create a new anomaly profile or edit an existing one. It is
recommended you use the web configurator to create/edit profiles. If you do not specify a base
profile, the default base profile is none.
" You CANNOT change the base profile later!
Table 99 Editing/Creating Anomaly Profiles
COMMAND DESCRIPTION
idp anomaly newpro [base {all | none}] Creates a new IDP anomaly profile called
newpro. newpro uses the base profile you
specify. Enters sub-command mode. All the
following commands relate to the new profile.
Use
exit to quit sub-command mode.
scan-detection sensitivity {low | medium |
high}
Sets scan-detection sensitivity.
no scan-detection sensitivity Clears scan-detection sensitivity. The default
sensitivity is medium.
scan-detection block-period <1..3600> Sets for how many seconds the ZyWALL
blocks all packets from being sent to the victim
(destination) of a detected anomaly attack.
[no] scan-detection {tcp-xxx} {activate | log
[alert] | block}
Activates TCP scan detection options where
{tcp-xxx} = {tcp-portscan | tcp-decoy-portscan |
tcp-portsweep | tcp-distributed-portscan | tcp-
filtered-portscan | tcp-filtered-decoy-portscan |
tcp-filtered-distributed-portscan | tcp-filtered-
portsweep}. Also sets TCP scan-detection logs
or alerts and blocking.
no deactivates TCP
scan detection, its logs, alerts or blocking.
[no] scan-detection {udp-xxx} {activate | log
[alert] | block}
Activates or deactivates UDP scan detection
options where {udp-xxx} = {udp-portscan | udp-
decoy-portscan | udp-portsweep | udp-
distributed-portscan | udp-filtered-portscan |
udp-filtered-decoy-portscan | udp-filtered-
distributed-portscan | udp-filtered-portsweep}.
Also sets UDP scan-detection logs or alerts
and blocking.
no deactivates UDP scan
detection, its logs, alerts or blocking.
[no] scan-detection {ip-xxx} {activate | log
[alert] | block}
Activates or deactivates IP scan detection
options where {ip-xxx} = {ip-protocol-scan | ip-
decoy-protocol-scan | ip-protocol-sweep | ip-
distributed-protocol-scan | ip-filtered-protocol-
scan | ip-filtered-decoy-protocol-scan | ip-
filtered-distributed-protocol-scan | ip-filtered-
protocol-sweep}. Also sets IP scan-detection
logs or alerts and blocking.
no deactivates IP
scan detection, its logs, alerts or blocking.
[no] scan-detection {icmp-sweep | icmp-
filtered-sweep} {activate | log [alert] |
block}
Activates or deactivates ICMP scan detection
options. Also sets ICMP scan-detection logs or
alerts and blocking.
no deactivates ICMP scan
detection, its logs, alerts or blocking.
- ZyWALL (ZLD) 1
- Document Conventions 4
- Icons Used in Figures 5
- Contents Overview 7
- Introduction 9
- CHAPTER 1 11
- 1.2.1 Console Port 12
- 1.2.3 Telnet 15
- 1.2.4 SSH (Secure SHell) 15
- Figure 8 SSH Login Example 16
- 1.5 CLI Modes 17
- 1.6 Shortcuts and Help 18
- Router# c [TAB] 20
- Router# co [TAB] 20
- 1.7 Input Values 21
- 1.8 Ethernet Interfaces 24
- 1.10 Logging Out 25
- CHAPTER 2 27
- 2.1.1 Debug Commands 29
- CHAPTER 3 31
- Chapter 3 Object Reference 32
- CHAPTER 4 33
- RAM size, and serial number 34
- Chapter 4 Status 35
- Chapter 4 Status 36
- CHAPTER 5 37
- Chapter 5 Registration 38
- 5.2 Registration Commands 39
- 5.3 Country Code 40
- Chapter 5 Registration 41
- CHAPTER 6 47
- Chapter 6 Interfaces 49
- Chapter 6 Interfaces 50
- 6.2.2 DHCP Setting Commands 55
- 6.2.4 RIP Commands 59
- 6.2.5 OSPF Commands 60
- 6.3.2 Port Grouping Commands 64
- _), or dashes (-) 70
- _), or dashes 70
- 6.6.1 Cellular Status 71
- Table 28 Cellular Status 72
- 6.7 WLAN Specific Commands 73
- 6.9 Bridge Specific Commands 79
- CHAPTER 7 83
- 7.4 Trunk Commands Summary 84
- 7.5 Trunk Command Examples 85
- Chapter 7 Trunks 86
- 7.6 Link Sticking 87
- CHAPTER 8 89
- Chapter 8 Route 93
- 8.3 IP Static Route 94
- 8.4 Static Route Commands 95
- Chapter 8 Route 96
- CHAPTER 9 97
- 9.2.1 RIP Commands 98
- 9.2.2 General OSPF Commands 98
- 9.2.3 OSPF Area Commands 99
- 9.2.4 Virtual Link Commands 99
- CHAPTER 10 101
- 10.2 Zone Commands Summary 102
- 10.2.1 Zone Command Examples 103
- Chapter 10 Zones 104
- CHAPTER 11 105
- 11.2 DDNS Commands Summary 106
- Chapter 11 DDNS 108
- CHAPTER 12 109
- Chapter 12 Virtual Servers 110
- Chapter 12 Virtual Servers 111
- 192.168.3.7 112
- CHAPTER 13 115
- 13.2 HTTP Redirect Commands 116
- Chapter 13 HTTP Redirect 117
- Chapter 13 HTTP Redirect 118
- CHAPTER 14 119
- 14.2 ALG Commands 120
- 14.3 ALG Commands Example 121
- Chapter 14 ALG 122
- PART III 123
- CHAPTER 15 125
- 15.2 Firewall Commands 126
- Chapter 15 Firewall 127
- 15.2.1 Firewall Sub-Commands 128
- 15.3 Session Limit Commands 130
- means all IP 131
- means all users 131
- Chapter 15 Firewall 132
- IPSec VPN (135) 133
- SSL VPN (145) 133
- L2TP VPN (151) 133
- CHAPTER 16 135
- 16.2.1 IKE SA Commands 137
- VPN gateways) 139
- SA in a VPN concentrator 140
- Chapter 16 IPSec VPN 141
- 16.2.5 SA Monitor Commands 143
- Chapter 16 IPSec VPN 144
- CHAPTER 17 145
- 17.2.1 SSL VPN Commands 146
- Chapter 17 SSL VPN 147
- Table 74 SSL VPN Commands 147
- Chapter 17 SSL VPN 148
- CHAPTER 18 151
- 18.3 Policy Route 152
- 18.4 L2TP VPN Commands 153
- 18.5 L2TP VPN Example 154
- Chapter 18 L2TP VPN 155
- Figure 23 L2TP VPN Example 155
- Chapter 18 L2TP VPN 156
- • Enable the policy route 157
- Application Patrol 159
- CHAPTER 19 161
- 19.2.2.1 Rule Sub-commands 163
- Chapter 19 Application Patrol 164
- Anti-Virus (175) 173
- IDP Commands (183) 173
- Content Filtering (201) 173
- Anti-Spam (211) 173
- CHAPTER 20 175
- 20.2.3 White and Black Lists 178
- Chapter 20 Anti-Virus 179
- Chapter 20 Anti-Virus 180
- Table 92 Update Signatures 180
- 20.4 Anti-virus Statistics 181
- CHAPTER 21 183
- 21.3 IDP Profile Commands 184
- Chapter 21 IDP Commands 185
- old_profile new_profile 185
- Chapter 21 IDP Commands 186
- 21.3.6 Signature Search 191
- 21.4 IDP Custom Signatures 193
- Table 104 Custom Signatures 194
- 21.5 Update IDP Signatures 197
- 21.6 IDP Statistics 198
- CHAPTER 22 201
- Chapter 22 Content Filtering 203
- Chapter 22 Content Filtering 204
- (see Chapter 5 on page 37) 209
- CHAPTER 23 211
- 23.2.3 White and Black Lists 213
- Chapter 23 Anti-Spam 214
- Chapter 23 Anti-Spam 215
- Table 119 DNSBL Commands 216
- 23.3 Anti-Spam Statistics 218
- PART VII 221
- CHAPTER 24 223
- 24.1.1 Before You Begin 224
- Chapter 24 Device HA 225
- 24.6.1 VRRP Group Commands 228
- Chapter 24 Device HA 230
- PART VIII 231
- CHAPTER 25 233
- 25.2.1 User Commands 234
- 25.2.2 User Group Commands 235
- 25.2.3 User Setting Commands 235
- Chapter 25 User/Group 237
- Chapter 25 User/Group 240
- CHAPTER 26 241
- Chapter 26 Addresses 242
- CHAPTER 27 245
- ICMP_ECHO to SG1 247
- Chapter 27 Services 248
- CHAPTER 28 249
- Chapter 28 Schedules 250
- Table 143 schedule Commands 250
- CHAPTER 29 251
- 29.2.1 ad-server Commands 252
- 29.2.2 ldap-server Commands 252
- Chapter 29 AAA Server 258
- CHAPTER 30 259
- 30.3 test aaa Command 261
- CHAPTER 31 263
- Chapter 31 Certificates 265
- Chapter 31 Certificates 266
- CHAPTER 32 269
- Chapter 32 ISP Accounts 272
- CHAPTER 33 273
- Chapter 33 SSL Application 274
- Chapter 33 SSL Application 275
- CHAPTER 34 277
- Chapter 34 Endpoint Security 278
- Chapter 34 Endpoint Security 279
- System (287) 285
- CHAPTER 35 287
- Chapter 35 System 288
- 35.3 Host Name Commands 289
- 35.4 Time and Date 289
- 35.4.1 Date/Time Commands 290
- 35.5 Console Port Speed 291
- 35.6 DNS Overview 291
- 35.6.2 DNS Commands 292
- 35.7 SNAT Overview 293
- CHAPTER 36 295
- 36.3 HTTP/HTTPS Commands 296
- 36.4 SSH 298
- 36.4.3 SSH Commands 299
- 36.4.4 SSH Command Examples 299
- 36.5 Telnet 300
- 36.6 Telnet Commands 300
- 36.7 Configuring FTP 301
- 36.8 SNMP 302
- 36.8.1 Supported MIBs 303
- 36.8.2 SNMP Traps 303
- 36.8.3 SNMP Commands 303
- 36.9 ICMP Filter 305
- 36.10 Dial-in Management 305
- 36.10.3 Response Strings 306
- 36.11 Vantage CNM 307
- 36.12 Language Commands 308
- Maintenance 309
- CHAPTER 37 311
- Chapter 37 File Manager 312
- Chapter 37 File Manager 313
- 37.6 FTP File Transfer 316
- Figure 34 Firmware Damaged 320
- Figure 35 Enter Debug Mode 320
- Figure 45 Restart Complete 324
- Figure 49 Enter Debug Mode 326
- Figure 55 Startup Complete 328
- CHAPTER 38 329
- 38.1.2 System Log Commands 330
- 38.1.3 Debug Log Commands 331
- Vantage Report) server 332
- Chapter 38 Logs 334
- CHAPTER 39 335
- 39.1.3 Session Commands 336
- Chapter 39 Reports and Reboot 338
- 39.3 Reboot 339
- CHAPTER 40 341
- Chapter 40 Session Timeout 342
- CHAPTER 41 343
- Chapter 41 Diagnostics 344
- CHAPTER 42 345
- Chapter 42 Maintenance Tools 346
- 42.0.1 Command Examples 347
- Chapter 42 Maintenance Tools 349
- CHAPTER 43 351
- 43.3 Application Watchdog 352
- Chapter 43 Watchdog Timer 353
- Chapter 43 Watchdog Timer 354
- Command List 355
Verwandte Produkte und Handbücher für Gateways / Controller ZyXEL Communications ZYWALL 1050 - V2.00 EDITION 1
(20 Seiten)
(32 Seiten)
(40 Seiten)
(2 Seiten)© 2020, manymanuals.de. Alle Rechte vorbehalten. | 0.035 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Kommentare zu diesen Handbüchern