xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch
224
Figure 8-66 DoS Attack Prevention Settings window
The fields that can be configured are described below:
Parameter Description
Land Attack
Tick to check whether the source address is equal to destination address of a
Blat Attack
Tick check whether the source port is equal to destination port of a received TCP
Tick to check whether the packets are TCP tiny fragment packets.
TCP Null Scan
Tick to check whether a received TCP packet contains a sequence number of 0 and
Tick to check whether a received TCP packet contains URG, Push and FIN flags.
Tick to check whether a received TCP packet contains FIN and SYN flags.
TCP SYN Src Port Less
Tick to check whether the TCP packets source ports are less than 1024 packets.
Tick to detect whether received packets are fragmented ICMP packets.
Tick to select all DoS attack types.
Select to enable or disable DoS attack prevention.
Select the action to be taken when detecting the attack.
Select to enable or disable DoS prevention trap state.
Select to enable or disable DoS prevention log state.
Click the Apply button to accept the changes made for each individual section.
Click the View Detail
link to view more information regarding the specific entry.
After clicking the View Detail
link, the following page will appear:
Figure 8-67 DoS Attack Prevention Detail - View Detail window
To Next Page
Loading...
