Chapter 12
| Security Measures
DoS Protection
– 307 –
Figure 194: Displaying the Binding Table for DHCP Snooping
DoS Protection
Use the Security > DoS Protection page to protect against denial-of-service (DoS)
attacks. A DoS attack is an attempt to block the services provided by a computer or
network resource. This kind of attack tries to prevent an Internet site or service from
functioning efficiently or at all. In general, DoS attacks are implemented by either
forcing the target to reset, to consume most of its resources so that it can no longer
provide its intended service, or to obstruct the communication media between the
intended users and the target so that they can no longer communicate adequately.
This section describes how to protect against DoS attacks.
Parameters
These parameters are displayed:
◆
Smurf Attack – Attacks in which a perpetrator generates a large amount of
spoofed ICMP Echo Request traffic to the broadcast destination IP address
(255.255.255.255), all of which uses a spoofed source address of the intended
victim. The victim should crash due to the many interrupts required to send
ICMP Echo response packets. (Default: Disabled)
◆
TCP Null Scan – A TCP NULL scan message is used to identify listening TCP
ports. The scan uses a series of strangely configured TCP packets which contain
a sequence number of 0 and no flags. If the target's TCP port is closed, the
target replies with a TCP RST (reset) packet. If the target TCP port is open, it
simply discards the TCP NULL scan. (Default: Disabled)
◆
TCP-SYN/FIN Scan – A TCP SYN/FIN scan message is used to identify listening
TCP ports. The scan uses a series of strangely configured TCP packets which
contain SYN (synchronize) and FIN (finish) flags. If the target's TCP port is
closed, the target replies with a TCP RST (reset) packet. If the target TCP port is
open, it simply discards the TCP SYN FIN scan. (Default: Disabled)
To Next Page