当前位置:文库下载 > 所有分类 > 华为交换机防病毒配置
免费下载此文档

华为交换机防病毒配置

Generated by Foxit PDF Creator © Foxit Softwarehttp://www.wenkuxiazai.com For evaluation only.

此配置可适用于华为S23、S33、S53、S93系列交换机进行针对冲击波、振荡波、Blaster 蠕虫和Worm_MSBlast.A 蠕虫病毒的配置

acl 3000

用于控制冲击波病毒的扫描和攻击

rule permit tcp source any destination any destination-port eq 135

rule permit udp source any destination any destination-port eq 135

rule permit udp source any destination any destination-port eq netbios-ns

rule permit udp source any destination any destination-port eq netbios-dgm

rule permit tcp source any destination any destination-port eq 139

rule permit udp source any destination any destination-port eq 139

rule permit tcp source any destination any destination-port eq 445

rule permit udp source any destination any destination-port eq 445

rule permit udp source any destination any destination-port eq 593

rule permit tcp source any destination any destination-port eq 593

用于控制振荡波的扫描和攻击

rule permit tcp source any destination any destination-port eq 445

rule permit tcp source any destination any destination-port eq 5554

rule permit tcp source any destination any destination-port eq 9995

rule permit tcp source any destination any destination-port eq 9996

用于控制Blaster 蠕虫的传播

rule permit udp source any destination any destination-port eq 69

rule permit tcp source any destination any destination-port eq 4444

用于控制 Worm_MSBlast.A 蠕虫的传播

rule permit udp source any destination any destination-port eq 1434

禁ping

rule permit icmp source any destination any

[Quidway] traffic classifier c1

[Quidway-classifier-c1] if-match acl 3000

[Quidway-classifier-c1] quit

[Quidway] traffic behavior b1

[Quidway-behavior-b1] deny //拒绝操作在behavior 里进行

[Quidway-behavior-b1]

免费下载Word文档免费下载:华为交换机防病毒配置

(下载1-1页,共1页)

我要评论

TOP相关主题

返回顶部