ALM-303046936 Attack occurred
Description
SECE/4/STRACKUSER: OID=[OID] Attack occurred.(Interface=[STRING], SourceMAC=[STRING], CVLAN=[ULONG], PVLAN=[ULONG], EndTime=[STRING], TotalPackets=[ULONG])
The system detects an attack.
Attribute
|
Alarm ID |
Alarm Severity |
Alarm Type |
|---|---|---|
|
303046936 |
Warning |
securityServiceOrMechanismViolation |
Parameters
|
Name |
Meaning |
|---|---|
|
OID |
Indicates the MIB object ID of the alarm. |
|
Interface |
Indicates the access interface of the attacker. |
|
SourceMAC |
Indicates the Source MAC address of packets sent from the attacker. |
|
BCVLAN |
Indicates the maximum rate of broadcast packets. |
|
PVLAN |
Indicates the inner VLAN ID of packets sent from the attacker. |
|
EndTime |
Indicates the end time of the attack. |
|
TotalPackets |
Indicates the number of packets received from the attacker. |
Impact on the System
The CPU is busy processing attack packets. As a result, normal service packets cannot be processed in time or even discarded.
Possible Causes
The rate of packets with the specified MAC address and VLAN ID sent to the CPU exceeds the alarm threshold.
Procedure
- If the user initiates the attack, you can set the action taken on attack packets to deny, or configure a traffic policy to discard attack packets.
- If the fault cause is unknown, collect device configurations, alarms, and logs, and then contact technical support personnel.
- End.
Related Information
None
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
