Network Security > DoS > Global
Network Security
RM GUI HiSecOS EAGLE20/30
Release
3.0
09/2015
181
Activate SYN/FIN
Filter
Activates/deactivates the SYN/FIN scan.
Possible values:
marked
The device detects incoming data packets with the TCP flags SYN
and FIN set simultaneously and discards these.
unmarked
(default setting)
The SYN/FIN scan is inactive.
Activate TCP Offset
Protection
Activates/deactivates the TCP offset scan.
Possible values:
marked
The device detects incoming TCP data packets whose fragment offset
field of the IP header is equal to 1 and discards them.
The device accepts UDP and ICMP packets whose fragment offset
field of the IP header is equal to 1.
unmarked
(default setting)
The TCP offset scan is inactive.
Activate TCP SYN
Protection
Activates/deactivates the TCP SYN scan.
Possible values:
marked
The device detects incoming data packets with the TCP flag SYN set
and a L4 source port <1024 and discards them.
unmarked
(default setting)
The TCP SYN scan is inactive.
Activate L4 Port
Protection
Activates/deactivates the L4 port scan.
Possible values:
marked
The device detects incoming TCP and UDP data packets whose
source port number and destination port number are identical and
discards them.
unmarked
(default setting)
The L4 port scan is inactive.
Activate Minimal
Header Filter
Activates/deactivates the minimal header scan.
Possible values:
marked
The device detects incoming data packets whose IP payload length in
the IP header less the outer IP header size is smaller than the
minimum TCP header size. If this is the first fragment that the device
detects, the device discards the data packet.
unmarked
(default setting)
The minimal header scan is inactive.
Parameters Meaning
To Next Page
Loading...