Related Documentation
jnxJsScreenSweepTable
The jnxJsScreenSweepTable, whose object ID is {jnxJsScreenObjects 3}, collects the screen attributes that monitor TCP/UDP sweep attacks. These attributes are listed in Table 1.
Table 1: jnxJsScreenSweepTable
Object | Object ID | Description |
|---|---|---|
jnxJsScreenSweepEntry | jnxJsScreenSweepTable 1 | Maintains the TCP/UDP sweep thresholds and counters. Sequence of parameters:
|
jnxJsScreenTcpSweepThresh | jnxJsScreenSweepEntry 1 | The TCP sweep threshold interval is in microseconds. The default threshold value is 5000. The valid threshold range is 1000-1,000,000. If a remote host sends TCP packets to 10 addresses in 0.005 seconds (5000 microseconds), the security device flags this as a TCP sweep, and rejects all further new TCP connections initiated from that host for the remainder of the specified threshold period. |
jnxJsScreenUdpSweepThresh | jnxJsScreenSweepEntry 2 | The UDP sweep threshold interval is in microseconds. The default threshold value is 5000. The valid threshold range is 1000-1,000,000. If a remote host sends UDP packets to 10 addresses in 0.005 seconds (5000 microseconds), the security device flags this as a UDP sweep, and rejects all further new UDP connections from that host for the remainder of the specified threshold period. |
jnxJsScreenMonTcpSweep | jnxJsScreenSweepEntry 3 | Number of TCP sessions dropped as a result of a TCP sweep. |
jnxJsScreenMonUdpSweep | jnxJsScreenSweepEntry 4 | Number of UDP packets dropped as a result of a UDP sweep. |
