Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

udp-sweep

Syntax

Hierarchy Level

Description

Configure the device to detect and prevent UDP sweep attack. In a UDP sweep attack, an attacker sends UDP packets to the target device. If the device responds to those packets, the attacker gets an indication that a port in the target device is open, which makes the port vulnerable to attack. If a remote host sends UDP packets to 10 addresses in 0.005 seconds (5000 microseconds), then the device flags this as an UDP sweep attack.

If the alarm-without-drop option is not set, the device rejects the eleventh and all further UDP packets from that host for the remainder of the specified threshold period.

Options

threshold number—Maximum number of microseconds during which up to 10 UDP packets from the same host are allowed into the device. More than 10 requests from a host during this period triggers an UDP Sweep attack response on the device during the remainder of the second.

  • Range: 1000 through 1,000,000 microseconds

  • Default: 5000 microseconds

Required Privilege Level

security—To view this statement in the configuration.

security-control—To add this statement to the configuration.

Release Information

Statement introduced in Junos OS Release 10.2.