 |
Note: In a chain attack, you can configure multiple member attacks. In an attack, under protocol binding TCP/UDP, you can specify multiple ranges of ports. |
See the following sections:
- attack-type {
-
- anomaly {
- direction (any | client-to-server
| server-to-client);
- service
service-name ;
- shellcode (all | intel |
no-shellcode | sparc);
- test
test-condition ;
- }
- }
- [edit security idp custom-attack attack-name]
Statement introduced in Release 9.3 of JUNOS software.
Specify the type of attack.
This statement is supported on SRX-series devices.
For configuration instructions and examples, see the JUNOS Software Security Configuration Guide.
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.
- attack-type {
-
- chain {
- expression boolean-expression
;
-
- member
member-name {
-
- attack-type {
- (anomaly | signature);
- }
- }
- order;
-
- protocol-binding {
- application application-name
;
- icmp;
-
- ip {
- protocol-number transport-layer-protocol-number
;
- }
-
- rpc {
- program-number rpc-program-number
;
- }
-
- tcp {
- minimum-port port-number
maximum-port port-number ;
- }
-
- udp {
- minimum-port port-number
maximum-port port-number ;
- }
- }
- reset;
- scope (session | transaction);
- }
- [edit security idp custom-attack attack-name]
Statement introduced in Release 9.3 of JUNOS software.
Specify the type of attack.
This statement is supported on SRX-series devices.
|
Note: In a chain attack, you can configure multiple member attacks. In an attack, under protocol binding TCP/UDP, you can specify multiple ranges of ports. |
For configuration instructions and examples, see the JUNOS Software Security Configuration Guide.
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.
- attack-type {
-
- signature {
- context
context-name ;
- direction (any | client-to-server
| server-to-client);
- negate;
- pattern
signature-pattern ;
-
- protocol {
-
- icmp {
-
- code {
- match (equal | greater-than
| less-than | not-equal);
- value
code-value
;
- }
-
- data-length {
- match (equal | greater-than
| less-than | not-equal);
- value
data-length
;
- }
-
- identification {
- match (equal | greater-than
| less-than | not-equal);
- value
identification-value
;
- }
-
- sequence-number {
- match (equal | greater-than
| less-than | not-equal);
- value
sequence-number
;
- }
-
- type {
- match (equal | greater-than
| less-than | not-equal);
- value
type-value
;
- }
- }
-
- ip {
-
- destination {
- match (equal | greater-than
| less-than | not-equal);
- value
hostname ;
- }
-
- identification {
- match (equal | greater-than
| less-than | not-equal);
- value
identification-value
;
- }
-
- ip-flags {
- (df | no-df);
- (mf | no-mf);
- (rb | no-rb);
- }
-
- protocol {
- match (equal | greater-than
| less-than | not-equal);
- value
transport-layer-protocol-id ;
- }
-
- source {
- match (equal | greater-than
| less-than | not-equal);
- value
hostname ;
- }
-
- tos {
- match (equal | greater-than
| less-than | not-equal);
- value
type-of-service-in-decimal
;
- }
-
- total-length {
- match (equal | greater-than
| less-than | not-equal);
- value
total-length-of-ip-datagram ;
- }
-
- ttl {
- match (equal | greater-than
| less-than | not-equal);
- value
time-to-live
;
- }
- }
-
- tcp {
-
- ack-number {
- match (equal | greater-than
| less-than | not-equal);
- value
acknowledgement-number
;
- }
-
- data-length {
- match (equal | greater-than
| less-than | not-equal);
- value
tcp-data-length
;
- }
-
- destination-port {
- match (equal | greater-than
| less-than | not-equal);
- value
destination-port
;
- }
-
- header-length {
- match (equal | greater-than
| less-than | not-equal);
- value
header-length
;
- }
-
- mss {
- match (equal | greater-than
| less-than | not-equal);
- value
maximum-segment-size
;
- }
-
- option {
- match (equal | greater-than
| less-than | not-equal);
- value
tcp-option
;
- }
-
- sequence-number {
- match (equal | greater-than
| less-than | not-equal);
- value
sequence-number
;
- }
-
- source-port {
- match (equal | greater-than
| less-than | not-equal);
- value
source-port
;
- }
-
- tcp-flags {
- (ack | no-ack);
- (fin | no-fin);
- (psh | no-psh);
- (r1 | no-r1);
- (r2 | no-r2);
- (rst | no-rst);
- (syn | no-syn);
- (urg | no-urg);
- }
-
- urgent-pointer {
- match (equal | greater-than
| less-than | not-equal);
- value
urgent-pointer
;
- }
-
- window-scale {
- match (equal | greater-than
| less-than | not-equal);
- value
window-scale-factor
;
- }
-
- window-size {
- match (equal | greater-than
| less-than | not-equal);
- value
window-size
;
- }
- }
-
- udp {
-
- data-length {
- match (equal | greater-than
| less-than | not-equal);
- value
data-length
;
- }
-
- destination-port {
- match (equal | greater-than
| less-than | not-equal);
- value
destination-port
;
- }
-
- source-port {
- match (equal | greater-than
| less-than | not-equal);
- value
source-port
;
- }
- }
- }
-
- protocol-binding {
- application application-name
;
- icmp;
-
- ip {
- protocol-number transport-layer-protocol-number ;
- }
-
- rpc {
- program-number rpc-program-number
;
- }
-
- tcp {
- minimum-port port-number
maximum-port port-number ;
- }
-
- udp {
- minimum-port port-number
maximum-port port-number ;
- }
- }
- regexp
regular-expression ;
- shellcode (all | intel |
no-shellcode | sparc);
- }
- [edit security idp custom-attack attack-name]
Statement introduced in Release 9.3 of JUNOS software.
Specify the type of attack.
This statement is supported on SRX-series devices.
For configuration instructions and examples, see the JUNOS Software Security Configuration Guide.
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.