< Home

deception syn-connect rate

Function

The deception syn-connect rate command sets a TCP port scanning threshold.

The undo deception syn-connect rate command restores the default TCP port scanning threshold.

Format

deception syn-connect rate rate-number

undo deception syn-connect rate

Parameters

Parameter Description Value
rate-number

Specifies a TCP port scanning threshold.

The value is an integer ranging from 1 to 20000, in "times per second".

Views

Deception view

Default Level

2: Configuration level

Usage Guidelines

The default TCP port threshold is 100 times per second.

If the rate of TCP port scanning packets sent from the same address reaches the threshold, the DecoySensor considers this behavior as attack behavior. Once the DecoySensor detects that a scanned port is unopened, it immediately deceives the traffic to the Decoy for further detection.

Example

# Set the TCP port scanning threshold to 200 times per second.

<FW> system-view
[FW] deception
[FW-deception] deception syn-connect rate 200
Parent Topic: Network Deception Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >