EasyManuals Logo

Cisco SG500-28 Administration Guide

Cisco SG500-28
548 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #424 background imageLoading...
Page #424 background image
Security
Denial of Service Prevention
Cisco 500 Series Stackable Managed Switch Administration Guide Release 1.3 406
20
Martian Addresses—Martian addresses are illegal from the point of view of
the IP protocol. See Martian Addresses for more details.
ICMP Attack—Sending malformed ICMP packets or overwhelming number
of ICMP packets to the victim that might lead to a system crash.
IP Fragmentation—Mangled IP fragments with overlapping, over-sized
payloads are sent to the device. This can crash various operating systems
due to a bug in their TCP/IP fragmentation re-assembly code. Windows 3.1x,
Windows 95 and Windows NT operating systems, as well as versions of
Linux prior to versions 2.0.32 and 2.1.63 are vulnerable to this attack.
Stacheldraht DistributionThe attacker uses a client program to connect to
handlers, which are compromised systems that issue commands to zombie
agents, which in turn facilitate the DoS attack. Agents are compromised via
the handlers by the attacker.
Using automated routines to exploit vulnerabilities in programs that accept
remote connections running on the targeted remote hosts. Each handler can
control up to a thousand agents.
Invasor Trojan—A trojan enables the attacker to download a zombie agent
(or the trojan may contain one). Attackers can also break into systems using
automated tools that exploit flaws in programs that listen for connections
from remote hosts. This scenario primarily concerns the device when it
serves as a server on the web.
Back OrifaceTrojanThis is a variation of a trojan that uses Back Oriface
software to implant the trojan.
Defense Against DoS Attacks
The Denial of Service (DoS) Prevention feature assists the system administrator
in resisting such attacks in the following ways:
Enable TCP SYN protection. If this feature is enabled, reports are issued
when a SYN packet attack is identified, and the attacked port can be
temporarily shut-down. A SYN attack is identified if the number of SYN
packets per second exceeds a user-configured threshold.
Block SYN-FIN packets.
Block packets that contain reserved Martian addresses (Martian Addresses
page)

Table of Contents

Other manuals for Cisco SG500-28

Preview: Quick Start Guide
Quick Start Guide24 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco SG500-28 and is the answer not in the manual?

Cisco SG500-28 Specifications

General IconGeneral
Ports28
Port TypeGigabit Ethernet
LayerLayer 3
Switching Capacity56 Gbps
PoE SupportNo
Form FactorRack-mountable
RAM256 MB
Flash Memory32 MB
Power SupplyInternal
Jumbo Frame Support9KB
VLAN SupportYes
Operating Temperature32°F to 113°F (0°C to 45°C)
Operating Humidity10% to 90% non-condensing
Dimensions17.3 x 10.2 x 1.7 in (440 x 260 x 44 mm)
MAC Address Table Size16, 000 entries

Related product manuals