Brocade FastIron Ethernet Switch Security Configuration Guide User Manual

TCP flags

76

aaa authorization commands

70

aaa authorization commands <

55

access-list

108

,

112

,

123

,

137

,

145

accounting

304

ACL-logging

127

age

220

all-client

26

attempt-max-num

306

auth-fail-action restricted-vlan

195

auth-fail-max-attempts

195

auth-fail-vlanid

195

auth-mode none

304

autosave

221

bridged-routed

129

clear ACL-on-arp

134

clear auth-mac-table

269

clear dhcp

340

,

358

clear dot1x statistics

206

clear port security

223

clear statistics dos-attack

328

clear table-mac-vlan

243

console timeout

25

crypto key client generate | zeroize dsa

97

crypto key client generate | zeroize rsa

98

crypto key generate | zeroize rsa

85

cycle time

306

default-gateway

29

dhcp snooping client-learning disable

339

,

358

dhcp snooping trust

339

,

358

dns-filter

308

dot1x auth-fail-action restrict-vlan

195

dot1x auth-timeout-action succes

182

dot1x-enable

191

dot1x initialize ethernet

195

enable aaa console

71

enable port-config-password

32

enable super-user-password

32

,

52

enable telnet password

52

enable user disable-on-login-failure

39

global-filter-strict-security

188

ip access-group

108

,

109

,

112

ip access-group frag deny

128

ip access-list extended

118

ip access-list standard

109

ip dhcp relay information policy keep

346

ip dhcp snooping vlan

339

,

357

ip directed-broadcast

324

ip mtu

175

ip preserve-ACL-user-input-format

122

ip ssh client

26

ip ssh key-authentication yes | no

88

ip ssh password-authentication no | yes

88

ip ssh permit-empty-passwd no | yes

89

ip ssh pub-key-file tftp

86

ip use-ACL-on-arp

133

ipv6 access-list

159

kill console

43

mac-authentication auth-fail-action

260

mac-authentication disable-aging

270

mac-authentication dos-protection mac-limit

267

mac-authentication enable

259

mac-authentication mac-filter

261

mac-authentication max-age

271

mac-authentication password-override

272

mac filter

248

mac filter-group log-enable

248

mac filter log-enable

250

mac-session-aging no-aging permitted-mac-only

195

match ip address

147

maxreq

194

port-down-auth-mac-cleanup

308

privilege level

33

radius-server host

64

,

65

,

181

radius-server host ipv6

67

radius-server retransmit

67

re-authentication

192

route-map

147

secure-login

305

secure-mac-address

221

servertimeout

195

set interface null0

147

set ip next hop

147

show users

40

snmp-client

26

ssh

98

tacacs-server key

49

tacacs-server retransmit

50

tacacs-server timeout

50

telnet-client

26

telnet login-retries

27

telnet login-timeout

28

telnet server enable vlan

28

telnet timeout

27

tftp client enable vlan

29

timeout tx-period

193

violation shutdown

223

command output

show aaa

57

show access-list

124

show auth-mac-address

273

show dot1x

201

show dot1x config

201

show dot1x mac-session

209

show dot1x statistics

205

show ip access-list

124

show ip dhcp relay information

347

show ip ssh config

91

show mac-address

242

show port security ethernet

224

show port security mac

224

show port security statistics

225

show table-mac-vlan

237

,

241

show table-mac-vlan denied-mac

239

show webauth

317

configuration

command authorization

55

passwords

36

RADIUS

61

RADIUS authorization

69

secure shell (SSH2)

83

TACACS and TACACS+

47

username

36

console idle time, defining

25

D

default tacacs+ | radius | none

55

defining Telnet idle time

27

denial of service (DoS)

avoiding being an intermediary in a Smurf attack

324

avoiding being a victim in a Smurf attack

324

displaying information

328

enabling for multi-device port authentication

267

Smurf attacks

323

TCP security enhancement

327

TCP SYN attacks

326

DHCPv6 snooping

355

Dot1x

388

FastIron Ethernet Switch Security Configuration Guide

53-1003088-03