CLI Configuration

To create a protocol anomaly-based attack object:

1. Specify a name for the attack. The following statement specifies anomaly1 as the name of the attack.

   user@host# set security idp custom-attack anomaly1

2. Specify common properties for the attack. The following statements specify an info severity level and a time binding with a scope type peer and count 2.

   user@host# set security idp custom-attack anomaly1 severity info

   user@host#set security idp custom-attack anomaly1 time-binding scope peer count 2

3. Specify the attack type and test condition. The following statement specifies the attack type anomaly and test condition UNSUPPORTED_OPTIONS.

   user@host# set security idp custom-attack anomaly1 attack-type anomaly test UNSUPPORTED_OPTIONS

4. Specify other properties for the anomaly attack. The following statement specifies the service TCP and attack direction any, and sets the shellcode flag to sparc and specifies .

   user@host# set security idp custom-attack sa attack-type anomaly service TCP

   user@host# set security idp custom-attack sa attack-type anomaly direction any

   user@host# set security idp custom-attack sa attack-type anomaly shellcode sparc

5. If you are finished configuring the router, commit the configuration.
6. From configuration mode in the CLI, enter the show security idp command to verify the configuration. For more information, see the JUNOS Software CLI Reference.

Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice.