The anti-attack abnormal enable command enables defense against malformed packet attacks.
The undo anti-attack abnormal enable command disables defense against malformed packet attacks.
The anti-attack abnormal disable command disables defense against malformed packet attacks.
By default, defense against malformed packet attacks is enabled.
Usage Scenario
The malformed packet attack is to send malformed IP packets to the system. If such an attack occurs, the system may break down when processing the malformed IP packets. To prevent the system from breaking down and to ensure normal network services, run the anti-attack abnormal enable command to enable defense against malformed packets.
The device detects malformed packets after defense against malformed packets is enabled.
The device directly discards packets of the following types:
Flood attacks from IP null payload packets
Attacks from IGMP null payload packets
LAND attacks
Smurf attacks
Attacks from packets with invalid TCP flag bits
Precautions
You can also run the anti-attack enable command in the system view to enable attack defense against all attack packets including malformed packets.