日志信息里老是有被攻击的提示,如下:,请问是什么类型的攻击?该如何解读这段信息?该如何优化防攻击设置?可以通过设置来避免吗?
2018/7/26 7:34,Info,192.168.0.1,%%10DPATTACK/6/ATK_ATTACK_REPORT(l): atckType(1016)=(9)ICMP Unreachable;rcvIfName(1023)=GigabitEthernet0/0;srcIPAddr(1017)=117.27.229.178;srcMacAddr(1021)= ;destIPAddr(1019)=192.168.0.2;destMacAddr(1022)= ;atckSpeed(1047)=0;atckTime_cn(1048)=20180726073406 2018/7/26 7:34,Info,192.168.0.1,%%10DPATTACK/6/ATK_ATTACK_REPORT(l): atckType(1016)=(9)ICMP Unreachable;rcvIfName(1023)=GigabitEthernet0/0;srcIPAddr(1017)=117.27.229.178;srcMacAddr(1021)= ;destIPAddr(1019)=192.168.0.2;destMacAddr(1022)= ;atckSpeed(1047)=0;atckTime_cn(1048)=20180726073436 2018/7/26 7:36,Info,192.168.0.1,%%10DPATTACK/6/ATK_ATTACK_REPORT(l): atckType(1016)=(9)ICMP Unreachable;rcvIfName(1023)=GigabitEthernet0/0;srcIPAddr(1017)=88.80.30.20;srcMacAddr(1021)= ;destIPAddr(1019)=192.168.0.2;destMacAddr(1022)= ;atckSpeed(1047)=0;atckTime_cn(1048)=20180726073643 2018/7/26 7:36,Info,192.168.0.1,%%10DPATTACK/6/ATK_ATTACK_REPORT(l): atckType(1016)=(9)ICMP Unreachable;rcvIfName(1023)=GigabitEthernet0/0;srcIPAddr(1017)=88.80.30.20;srcMacAddr(1021)= ;destIPAddr(1019)=192.168.0.2;destMacAddr(1022)= ;atckSpeed(1047)=0;atckTime_cn(1048)=20180726073646 2018/7/26 7:36,Info,192.168.0.1,%%10DPATTACK/6/ATK_ATTACK_REPORT(l): atckType(1016)=(9)ICMP Unreachable;rcvIfName(1023)=GigabitEthernet0/0;srcIPAddr(1017)=88.80.30.20;srcMacAddr(1021)= ;destIPAddr(1019)=192.168.0.2;destMacAddr(1022)= ;atckSpeed(1047)=0;atckTime_cn(1048)=20180726073652 2018/7/26 7:39,Info,192.168.0.1,%%10DPATTACK/6/ATK_ATTACK_REPORT(l): atckType(1016)=(9)ICMP Unreachable;rcvIfName(1023)=GigabitEthernet0/0;srcIPAddr(1017)=182.141.87.244;srcMacAddr(1021)= ;destIPAddr(1019)=192.168.0.2;destMacAddr(1022)= ;atckSpeed(1047)=0;atckTime_cn(1048)=20180726073919 2018/7/26 7:39,Info,192.168.0.1,%%10DPATTACK/6/ATK_ATTACK_REPORT(l): atckType(1016)=(9)ICMP Unreachable;rcvIfName(1023)=GigabitEthernet0/0;srcIPAddr(1017)=182.141.87.244;srcMacAddr(1021)= ;destIPAddr(1019)=192.168.0.2;destMacAddr(1022)= ;atckSpeed(1047)=0;atckTime_cn(1048)=20180726073919 2018/7/26 7:39,Info,192.168.0.1,%%10DPATTACK/6/ATK_ATTACK_REPORT(l): atckType(1016)=(9)ICMP Unreachable;rcvIfName(1023)=GigabitEthernet0/0;srcIPAddr(1017)=182.141.87.244;srcMacAddr(1021)= ;destIPAddr(1019)=192.168.0.2;destMacAddr(1022)= ;atckSpeed(1047)=0;atckTime_cn(1048)=201807260739
(0)
最佳答案
sys
attack-defense policy 1
signature-detect icmp-unreachable enable
signature-detect action drop-packet
quit
sys
interface g0/0
attack-defense apply policy 1
(0)
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作
举报
×
侵犯我的权益
×
侵犯了我企业的权益
×
抄袭了我的内容
×
原文链接或出处
诽谤我
×
对根叔社区有害的内容
×
不规范转载
×
举报说明
暂无评论