Example: Perpetual echo policy

This example is of an IDS attack-type policy that targets perpetual echoes on local port 7 and remote port 7.

UDP port 7 is the echo port. In an attack, if the header specifies the source and target ports as port 7, the UDP datagram echoes back and forth between the local port 7 and the remote UDP port 7.

This example uses the same IDS action, idsact2, as the Example: Restricted IP protocol policy example.

   ibm-idsConditionAuxClass    idscond5   # IDS condition
   {
   ibm-idsConditionType        ATTACK
   ibm-idsAttackType           PERPETUAL_ECHO
   ibm-idsLocalPortRange       7
   ibm-idsRemotePortRange      7
   ibm-policyIdsActionName     idsact2
   }
Parent topic: Change the intrusion detection policy file