Login
- Table of Contents
-
- 09 Security Command Reference
- 00-Preface
- 01-AAA commands
- 02-802.1X commands
- 03-MAC authentication commands
- 04-Portal commands
- 05-Port security commands
- 06-Password control commands
- 07-Public key management commands
- 08-PKI commands
- 09-IPsec commands
- 10-SSH commands
- 11-SSL commands
- 12-IP source guard commands
- 13-ARP attack protection commands
- 14-MFF commands
- 15-uRPF commands
- 16-Crypto engine commands
- 17-FIPS commands
- 18-Attack detection and prevention commands
- 19-ND attack defense commands
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 18-Attack detection and prevention commands | 46.72 KB |
attack-defense login reauthentication-delay
Use attack-defense login reauthentication-delay to enable the login delay feature.
Use undo attack-defense login reauthentication-delay to restore the default.
Syntax
attack-defense login reauthentication-delay seconds
undo attack-defense login reauthentication-delay
Default
The login delay feature is disabled. The device does not delay accepting a login request from a user who has failed a login attempt.
Views
System view
Predefined user roles
network-admin
Parameters
seconds: Sets the delay period in seconds, in the range of 4 to 60.
Usage guidelines
The login delay feature delays the device to accept a login request from a user after the user fails a login attempt. This feature can slow down login dictionary attacks.
Examples
# Enable the login delay feature and set the delay period to 5 seconds.
[Sysname] attack-defense login reauthentication-delay 5
attack-defense tcp fragment enable
Use attack-defense tcp fragment enable to enable TCP fragment attack prevention.
Use undo attack-defense tcp fragment enable to disable TCP fragment attack prevention.
Syntax
attack-defense tcp fragment enable
undo attack-defense tcp fragment enable
Default
TCP fragment attack prevention is enabled.
Views
System view
Predefined user roles
network-admin
Usage guidelines
This command enables the device to drop attack TCP fragments to prevent TCP fragment attacks.
Examples
# Enable TCP fragment attack prevention.
<Sysname> System-view
[Sysname] attack-defense tcp fragment enable
# Disable TCP fragment attack prevention.
<Sysname> System-view
[Sysname] undo attack-defense tcp fragment enable
