The firewall defend winnuke enable command enables the WinNuke attack defense.
The undo firewall defend winnuke enable command disables the WinNuke attack defense.
By default, the WinNuke attack defense is disabled.
After the WinNuke attack defense is enabled, a FW checks whether the destination port of the received data packet is 139, the URG bit is 1, and the URG pointer is not empty. Packets that meet the previous three conditions are discarded and attack logs are recorded. When receiving an IGMP fragment, the FW considers that a WinNuke attack occurs and discards the packet.