Hide Navigation Pane
Show Navigation Pane
Feedback
Download
SHA1
attack-type (Signature)
Syntax
attack-type {signature {context
context-name ;direction (any | client-to-server
| server-to-client);negate;pattern
signature-pattern ;protocol {icmp {code {match (equal | greater-than
| less-than | not-equal);value
code-value
;}data-length {match (equal | greater-than
| less-than | not-equal);value
data-length
;}identification {match (equal | greater-than
| less-than | not-equal);value
identification-value
;}sequence-number {match (equal | greater-than
| less-than | not-equal);value
sequence-number
;}type {match (equal | greater-than
| less-than | not-equal);value
type-value
;}}ip {destination {match (equal | greater-than
| less-than | not-equal);value
hostname ;}identification {match (equal | greater-than
| less-than | not-equal);value
identification-value
;}ip-flags {(df | no-df);(mf | no-mf);(rb | no-rb);}protocol {match (equal | greater-than
| less-than | not-equal);value
transport-layer-protocol-id ;}source {match (equal | greater-than
| less-than | not-equal);value
hostname ;}tos {match (equal | greater-than
| less-than | not-equal);value
type-of-service-in-decimal
;}total-length {match (equal | greater-than
| less-than | not-equal);value
total-length-of-ip-datagram ;}ttl {match (equal | greater-than
| less-than | not-equal);value
time-to-live
;}}tcp {ack-number {match (equal | greater-than
| less-than | not-equal);value
acknowledgement-number
;}data-length {match (equal | greater-than
| less-than | not-equal);value
tcp-data-length
;}destination-port {match (equal | greater-than
| less-than | not-equal);value
destination-port
;}header-length {match (equal | greater-than
| less-than | not-equal);value
header-length
;}mss {match (equal | greater-than
| less-than | not-equal);value
maximum-segment-size
;}option {match (equal | greater-than
| less-than | not-equal);value
tcp-option
;}sequence-number {match (equal | greater-than
| less-than | not-equal);value
sequence-number
;}source-port {match (equal | greater-than
| less-than | not-equal);value
source-port
;}tcp-flags {(ack | no-ack);(fin | no-fin);(psh | no-psh);(r1 | no-r1);(r2 | no-r2);(rst | no-rst);(syn | no-syn);(urg | no-urg);}urgent-pointer {match (equal | greater-than
| less-than | not-equal);value
urgent-pointer
;}window-scale {match (equal | greater-than
| less-than | not-equal);value
window-scale-factor
;}window-size {match (equal | greater-than
| less-than | not-equal);value
window-size
;}}udp {data-length {match (equal | greater-than
| less-than | not-equal);value
data-length
;}destination-port {match (equal | greater-than
| less-than | not-equal);value
destination-port
;}source-port {match (equal | greater-than
| less-than | not-equal);value
source-port
;}}}protocol-binding {application application-name
;icmp;ip {protocol-number transport-layer-protocol-number ;}rpc {program-number rpc-program-number
;}tcp {minimum-port port-number
maximum-port port-number ;}udp {minimum-port port-number
maximum-port port-number ;}}regexp
regular-expression ;shellcode (all | intel |
no-shellcode | sparc);}
Hierarchy Level
[edit security idp custom-attack attack-name]
Release Information
Statement introduced in Release 9.3 of Junos OS.
Description
Specify the type of attack.
Usage Guidelines
For configuration instructions and examples, see the Junos OS Security Configuration Guide.
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.
