Login
- Table of Contents
-
- H3C S7500 Series Command Manual(Release 3100 Series)-(V1.04)
- 00-1Cover
- 01-CLI Commands
- 02-Login Commands
- 03-Configuration File Management Commands
- 04-VLAN Commands
- 05-Extended VLAN Application Commands
- 06-IP Address-IP Performance-IPX Commands
- 07-GVRP Commands
- 08-QinQ Commands
- 09-Port Basic Configuration Commands
- 10-Link Aggregation Commands
- 11-Port Isolation Commands
- 12-Port Binding Commands
- 13-DLDP Commands
- 14-MAC Address Table Commands
- 15-MSTP Commands
- 16-Routing Protocol Commands
- 17-Multicast Commands
- 18-802.1x Commands
- 19-AAA-RADIUS-HWTACACS-EAD Commands
- 20-Traffic Accounting Commands
- 21-VRRP-HA Commands
- 22-ARP Commands
- 23-DHCP Commands
- 24-ACL Commands
- 25-QoS Commands
- 26-Mirroring Commands
- 27-Cluster Commands
- 28-PoE Commands
- 29-UDP-Helper Commands
- 30-SNMP-RMON Commands
- 31-NTP Commands
- 32-SSH Terminal Service Commands
- 33-File System Management Commands
- 34-FTP and TFTP Commands
- 35-Information Center Commands
- 36-DNS Commands
- 37-System Maintenance and Debugging Commands
- 38-HWPing Commands
- 39-RRPP Commands
- 40-NAT-Netstream-Policy Routing Commands
- 41-Telnet Protection Commands
- 42-Hardware-Dependent Software Configuration Commands
- 43-Appendix
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 41-Telnet Protection Commands | 29 KB |
Chapter 1 Telnet Protection Configuration Commands
1.1 Telnet Protection Configuration Commands
1.1.2 attack-protection disable-defaultroute
1.1.5 attack-protection telnet
Chapter 1 Telnet Protection Configuration Commands
1.1 Telnet Protection Configuration Commands
1.1.1 attack-protection
Syntax
attack-protection [ ip-address ]
undo attack-protection
View
System view
Parameters
ip-address: Sets special ARP Telnet protection for the specified Layer-3 interface.
Description
Use the attack-protection command to set global Telnet protection. After you execute this command, the system protects all the Layer-3 interfaces in the Up state.
Use the undo attack-protection command to cancel the global Telnet protection.
Use the attack-protection ip-address command to set special ARP Telnet protection. If the Layer-3 interface corresponding to the specified IP address is in the Up state, Telnet protection is enabled on this Layer-3 interface. If the corresponding Layer-3 interface does not exist or is in the Down state, the system saves this configuration as the special ARP settings and enables Telnet protection when the corresponding Layer-3 interface is in the UP state.
Use the undo attack-protection ip-address command to cancel the special ARP Telnet protection.
Examples
# Configure global Telnet protection.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] attack-protection
# Configure special ARP Telnet protection.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] attack-protection 192.168.0.1
1.1.2 attack-protection disable-defaultroute
Syntax
attack-protection disable-defaultroute
undo attack-protection disable-defaultroute
View
System view
Parameters
None
Description
Use the attack-protection disable-defaultroute command to disable the default-route Telnet protection function.
Use the undo attack-protection disable-defaultroute command to enable the default-route Telnet protection function.
By default, default-route Telnet protection is disabled.
After enabling the NAT function, you cannot configure default-route Telnet protection.
Examples
# Enable default-route Telnet protection.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] undo attack-protection disable-defaultroute
1.1.3 attack-protection icmp
Syntax
attack-protection icmp [ ip-address ]
undo attack-protection icmp
View
System view
Parameters
ip-address: Configures to protect ICMP packets for the specified source IP address.
Description
Use the attack-protection icmp command to enable ICMP protection.
Use the undo attack-protection icmp command to disable ICMP protection.
Before enabling ICMP protection, you need to enable ICMP protection, and then configure global Telnet protection, special ARP Telnet protection, and default-route Telnet protection.
By default, ICMP protection is disabled.
Examples
# Protect ICMP packets addressed from the source IP address 192.168.0.100.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] attack-protection icmp 192.168.0.100
1.1.4 attack-protection snmp
Syntax
attack-protection snmp [ ip-address ]
undo attack-protection snmp
View
System view
Parameters
ip-address: Configures to protect SNMP packets for the specified source IP address.
Description
Use the attack-protection snmp command to enable SNMP protection.
Use the undo attack-protection snmp command to disable SNMP protection.
Before enabling SNMP protection, you need to enable SNMP protection, and then configure global Telnet protection, special ARP Telnet protection, and default-route Telnet protection.
By default, SNMP protection is disabled.
Examples
# Protect SNMP packets addressed from the source IP address 192.168.0.100.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] attack-protection snmp 192.168.0.100
1.1.5 attack-protection telnet
Syntax
attack-protection telnet [ ip-address ]
undo attack-protection telnet
View
System view
Parameters
ip-address: Configures to protect Telnet packets for the specified source IP address.
Description
Use the attack-protection telnet command to enable Telnet protection.
Use the undo attack-protection telnet command to disable Telnet protection.
Before enabling Telnet protection, you need to enable Telnet protection, and then configure global Telnet protection, special ARP Telnet protection, and default-route Telnet protection.
By default, Telnet protection is disabled.
Examples
# Protect Telnet packets addressed from the source IP address 192.168.0.100.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] attack-protection telnet 192.168.0.100
