6.5.3. show dos

Syntax

show dos

show dos interface IF_PORTS

Parameter


interface IF_PORTS An interface ID or the list of interface IDs.


Default

Mode

Privileged EXEC

Usage

To show the DoS protection configuration, use the command show dos in the Privileged EXEC mode. For the status of DoS protection on each interface, use the command show dos interface in the Priveleged EXEC mode.

Example

The following example shows the global DoS protection configuration.

Switch# show dos
Type | State (Length)
----------------------------+---------------------------------
DMAC equal to SMAC | enabled
Land (DIP = SIP) | enabled
UDP Blat (DPORT = SPORT) | enabled
TCP Blat (DPORT = SPORT) | enabled
POD (Ping of Death) | enabled
IPv6 Min Fragment Size | enabled (1024 Bytes)
ICMP Fragment Packets | enabled
IPv4 Ping Max Packet Size | enabled (512 Bytes)
IPv6 Ping Max Packet Size | enabled (512 Bytes)
Smurf Attack | enabled (Netmask Length: 0)
TCP Min Header Length | enabled (20 Bytes)
TCP Syn (SPORT < 1024) | enabled
Null Scan Attack | enabled
X-Mas Scan Attack | enabled
TCP SYN-FIN Attack | enabled
TCP SYN-RST Attack | enabled
TCP Fragment (Offset = 1) | enabled

The following example shows the status of DoS protection on the interface fa1.

Switch# show dos interfaces fa1
Port | DoS Protection
----------+----------------
fa1 | disabled