Foundry notes
If someone tries to ping flood the router, the ip icmp burst command
below will handle it.
If more than 4000 ICMP packets per second are received, the router
will drop all ICMP for 60 seconds.
If someone is pinging through the router rather than at it, apply the
command to an interface (e.g. int ve 2), or to all of them.
ip icmp burst-normal 1000 burst-max 4000 lockup 60
If someone tries to SYN flood the router (or through the router),
the following line, applied globally or to the interfaces, will help:
ip tcp burst-normal 10 burst-max 100 lockup 60
Some self-explanatory global statements:
no ip icmp redirects
no ip icmp unreachable administration
no ip source-route
no ip icmp unreachable source-route-fail
telnet login-timeout 60
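An added example (not part of the original notes): a small Python audit that reads a saved configuration dump and reports which of the statements above are missing, and where the burst limits are applied. It assumes interface blocks start with "interface " and end with "!"; the audit() function and the sample config are constructed for illustration.

```python
import re

# Global hardening statements listed in the notes above.
REQUIRED_GLOBAL = [
    "no ip icmp redirects",
    "no ip icmp unreachable administration",
    "no ip source-route",
    "no ip icmp unreachable source-route-fail",
]
BURST = re.compile(r"ip (icmp|tcp) burst-normal (\d+) burst-max (\d+) lockup (\d+)$")
# Constructed sample config (not taken from a real device).
SAMPLE = """\
no ip icmp redirects
no ip source-route
ip tcp burst-normal 10 burst-max 100 lockup 60
interface ve 2
 ip icmp burst-normal 4000 burst-max 1000 lockup 60
!
no ip icmp unreachable source-route-fail
"""

def audit(config_text):
    """Return a list of findings for a saved configuration dump."""
    scope, seen = "global", set()
    burst = {"icmp": [], "tcp": []}   # scopes where each limit was found
    findings = []
    for raw in config_text.splitlines():
        line = " ".join(raw.split())            # normalise indentation
        if line == "!":                         # assumed end of an interface block
            scope = "global"
        elif line.startswith("interface "):
            scope = line
        elif (m := BURST.match(line)):
            proto, normal, peak = m.group(1), int(m.group(2)), int(m.group(3))
            burst[proto].append(scope)
            if normal > peak:                   # thresholds typed in the wrong order
                findings.append(f"{scope}: {proto} burst-normal {normal} exceeds burst-max {peak}")
        elif line and scope == "global":
            seen.add(line)
    for stmt in REQUIRED_GLOBAL:
        if stmt not in seen:
            findings.append(f"missing global statement: {stmt}")
    for proto, scopes in burst.items():
        if not scopes:
            findings.append(f"no {proto} burst limit configured anywhere")
        elif "global" not in scopes:
            findings.append(f"{proto} burst limit only on: {', '.join(scopes)}")
    return findings

if __name__ == "__main__": print("\n".join(audit(SAMPLE)))
```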
Some not-as-useful, but very sneaky stuff:
no ip icmp unreachable fragmentation-needed
no ip icmp unreachable host
no ip icmp unreachable network
no ip icmp unreachable port
no ip icmp unreachable protocol
Some useful show commands:
show statistics dos-attack
show default
show cpu
show web-connections
show vlans
show rmon
show rate-limit fixed
show chassis
show flash
show version
show module
show media # gig port SX/LX/LHA/LHB
show mac
show arp
Some other interesting stuff:
When you turn on ip helper-address, the router forwards seven UDP
services by turning each broadcast into a unicast directed at the
"helper". The list of these seven services (bootp, dns, tftp, time,
netbios-ns, netbios-dgm, tacacs) can be extended with:
ip forward-protocol udp ?
Password Recovery
Connect to the console port and hit b during boot to get into
boot monitor mode. Issue the commands:
no password
boot system flash primary
enable
config term
enable super-user-password new-enable-password
enable telnet password new-telnet-pass
no aaa authentication enable default local
Local users
To set up local users for telnet authentication:
enable telnet authentication
aaa authentication login default local
username network password telnet-password
To set up local users for enable authentication:
aaa authentication enable default local
username admin password enable-password