custom-attack

18-Dec-23

Syntax

custom-attack attack-name {
    attack-type (Security Anomaly) {
        anomaly {
            direction (any | client-to-server | server-to-client);
            service service-name;
            shellcode (all | intel | no-shellcode | sparc);
            test test-condition;
        }
        chain {
            expression boolean-expression;
            member member-name {
                attack-type (Security Anomaly) {
                    (anomaly ...same statements as in [edit security idp custom-attack attack-name attack-type anomaly] hierarchy level | signature ...same statements as in [edit security idp custom-attack attack-name attack-type signature] hierarchy level);
                }
            }
            order;
            protocol-binding {
                application application-name;
                icmp;
                icmpv6;
                ip {
                    protocol-number transport-layer-protocol-number;
                }
                ipv6 {
                    protocol-number transport-layer-protocol-number;
                }
                rpc {
                    program-number rpc-program-number;
                }
                tcp {
                    minimum-port port-number <maximum-port port-number>;
                }
                udp {
                    minimum-port port-number <maximum-port port-number>;
                }
            }
            reset;
            scope (session | transaction);
        }
        signature (Security IDP) {
            context context-name;
            direction (any | client-to-server | server-to-client);
            negate;
            pattern signature-pattern;
            pattern-pcre signature-pattern-pcre;
            protocol (Security IDP Signature Attack) {
                icmp {
                    checksum-validate {
                        match (equal | greater-than | less-than | not-equal);
                        value checksum-value;
                    }
                    code {
                        match (equal | greater-than | less-than | not-equal);
                        value code-value;
                    }
                    data-length {
                        match (equal | greater-than | less-than | not-equal);
                        value data-length;
                    }
                    identification {
                        match (equal | greater-than | less-than | not-equal);
                        value identification-value;
                    }
                    sequence-number {
                        match (equal | greater-than | less-than | not-equal);
                        value sequence-number;
                    }
                    type {
                        match (equal | greater-than | less-than | not-equal);
                        value type-value;
                    }
                }
                icmpv6 (Security IDP Custom Attack) {
                    checksum-validate {
                        match (equal | greater-than | less-than | not-equal);
                        value checksum-value;
                    }
                    code {
                        match (equal | greater-than | less-than | not-equal);
                        value code-value;
                    }
                    data-length {
                        match (equal | greater-than | less-than | not-equal);
                        value data-length;
                    }
                    identification {
                        match (equal | greater-than | less-than | not-equal);
                        value identification-value;
                    }
                    sequence-number {
                        match (equal | greater-than | less-than | not-equal);
                        value sequence-number;
                    }
                    type {
                        match (equal | greater-than | less-than | not-equal);
                        value type-value;
                    }
                }
                ipv4 (Security IDP Signature Attack) {
                    checksum-validate {
                        match (equal | greater-than | less-than | not-equal);
                        value checksum-value;
                    }
                    destination {
                        match (equal | greater-than | less-than | not-equal);
                        value ip-address-or-hostname;
                    }
                    identification {
                        match (equal | greater-than | less-than | not-equal);
                        value identification-value;
                    }
                    ihl {
                        match (equal | greater-than | less-than | not-equal);
                        value ihl-value;
                    }
                    ip-flags {
                        (df | no-df);
                        (mf | no-mf);
                        (rb | no-rb);
                    }
                    protocol (Security IDP Signature Attack) {
                        match (equal | greater-than | less-than | not-equal);
                        value transport-layer-protocol-id;
                    }
                    source {
                        match (equal | greater-than | less-than | not-equal);
                        value ip-address-or-hostname;
                    }
                    tos {
                        match (equal | greater-than | less-than | not-equal);
                        value type-of-service-in-decimal;
                    }
                    total-length {
                        match (equal | greater-than | less-than | not-equal);
                        value total-length-of-ip-datagram;
                    }
                    ttl {
                        match (equal | greater-than | less-than | not-equal);
                        value time-to-live;
                    }
                }
                ipv6 {
                    destination {
                        match (equal | greater-than | less-than | not-equal);
                        value ip-address-or-hostname;
                    }
                    flow-label {
                        match (equal | greater-than | less-than | not-equal);
                        value flow-label-value;
                    }
                    hop-limit {
                        match (equal | greater-than | less-than | not-equal);
                        value hop-limit-value;
                    }
                    next-header {
                        match (equal | greater-than | less-than | not-equal);
                        value next-header-value;
                    }
                    payload-length {
                        match (equal | greater-than | less-than | not-equal);
                        value payload-length-value;
                    }
                    source {
                        match (equal | greater-than | less-than | not-equal);
                        value ip-address-or-hostname;
                    }
                    traffic-class {
                        match (equal | greater-than | less-than | not-equal);
                        value traffic-class-value;
                    }
                }
                tcp (Security IDP Signature Attack) {
                    ack-number {
                        match (equal | greater-than | less-than | not-equal);
                        value acknowledgement-number;
                    }
                    checksum-validate {
                        match (equal | greater-than | less-than | not-equal);
                        value checksum-value;
                    }
                    data-length {
                        match (equal | greater-than | less-than | not-equal);
                        value tcp-data-length;
                    }
                    destination-port (Security Signature Attack) {
                        match (equal | greater-than | less-than | not-equal);
                        value destination-port;
                    }
                    header-length {
                        match (equal | greater-than | less-than | not-equal);
                        value header-length;
                    }
                    mss (Security IDP) {
                        match (equal | greater-than | less-than | not-equal);
                        value maximum-segment-size;
                    }
                    option (Security IDP) {
                        match (equal | greater-than | less-than | not-equal);
                        value tcp-option;
                    }
                    reserved (Security IDP Custom Attack) {
                        match (equal | greater-than | less-than | not-equal);
                        value reserved-value;
                    }
                    sequence-number (Security IDP ICMP Headers) {
                        match (equal | greater-than | less-than | not-equal);
                        value sequence-number;
                    }
                    source-port {
                        match (equal | greater-than | less-than | not-equal);
                        value source-port;
                    }
                    tcp-flags {
                        (ack | no-ack);
                        (fin | no-fin);
                        (psh | no-psh);
                        (r1 | no-r1);
                        (r2 | no-r2);
                        (rst | no-rst);
                        (syn | no-syn);
                        (urg | no-urg);
                    }
                    urgent-pointer {
                        match (equal | greater-than | less-than | not-equal);
                        value urgent-pointer;
                    }
                    window-scale {
                        match (equal | greater-than | less-than | not-equal);
                        value window-scale-factor;
                    }
                    window-size {
                        match (equal | greater-than | less-than | not-equal);
                        value window-size;
                    }
                }
                udp (Security IDP Signature Attack) {
                    checksum-validate {
                        match (equal | greater-than | less-than | not-equal);
                        value checksum-value;
                    }
                    data-length {
                        match (equal | greater-than | less-than | not-equal);
                        value data-length;
                    }
                    destination-port {
                        match (equal | greater-than | less-than | not-equal);
                        value destination-port;
                    }
                    source-port {
                        match (equal | greater-than | less-than | not-equal);
                        value source-port;
                    }
                }
            }
            protocol-binding {
                application application-name;
                icmp;
                icmpv6;
                ip {
                    protocol-number transport-layer-protocol-number;
                }
                ipv6 {
                    protocol-number transport-layer-protocol-number;
                }
                rpc {
                    program-number rpc-program-number;
                }
                tcp {
                    minimum-port port-number <maximum-port port-number>;
                }
                udp {
                    minimum-port port-number <maximum-port port-number>;
                }
            }
            regexp regular-expression;
            shellcode (all | intel | no-shellcode | sparc);
        }
    }
    recommended-action (close | close-client | close-server | drop | drop-packet | ignore | none);
    severity (critical | info | major | minor | warning);
    time-binding {
        count count-value;
        scope (destination | peer | source);
    }
}

Hierarchy Level

[edit security idp]
[edit tenants tenant-name security idp]

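Description

Configure custom attack objects to detect known or unknown attacks that can be used to compromise your network.

Options

attack-name: Name of the custom attack object. A custom attack object name can be at most 60 characters long.

The remaining statements are explained separately. See CLI Explorer.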
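The following configuration is an added example, not taken from the Juniper documentation: a signature-based custom attack object built only from statements in the syntax above, entered at the [edit security idp] hierarchy level. The object name, the pattern, the count, and the choice of the `http-url-parsed` context and `HTTP` application are assumptions made for illustration; check that the context and application exist in the IDP signature package installed on your device.

```junos
/* Constructed example: the name must stay within the 60-character limit */
custom-attack example-http-admin-probe {
    /* What a policy applies when it uses the recommended action */
    recommended-action drop;
    severity major;
    /* Match only after 10 detections counted per source address */
    time-binding {
        count 10;
        scope source;
    }
    attack-type {
        signature {
            /* Assumed context name: inspect the decoded HTTP URL */
            context http-url-parsed;
            /* Requests travel from client to server */
            direction client-to-server;
            /* Constructed placeholder pattern, not a real indicator */
            pattern ".*/admin/backup.*";
            /* Tie the signature to the HTTP application, not a fixed port */
            protocol-binding {
                application HTTP;
            }
        }
    }
}
```

A custom attack object has no effect until an IDP policy rule references it, so review the rule's action and logging settings together with the `recommended-action` and `severity` chosen here.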

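Required Privilege Level

security: To view this statement in the configuration.

security-control: To add this statement to the configuration.

Release Information

Statement modified in Junos OS Release 9.3.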
