Security Configuration 8 - 7
6. Select OK to update the Denial of Service settings. Select Reset to revert to the last saved configuration. The firewall
policy can be invoked at any point in the configuration process by selecting Activate Firewall Policy from the upper, left-
hand side, of the access point user interface.
7. Select the Storm Control tab. Select the Activate Firewall Policy option on the upper left-hand side of the screen to
enable the screen’s parameters for configuration. Ensure this option stays selected to apply the configuration to the access
point profile.
TCP XMAS Scan The TCP XMAS Scan floods the target system with TCP packets including the FIN, URG, and
PUSH flags. This is used to determine details about the target system and can crash a
system.
TCP Header Fragment Enables the TCP Header Fragment denial of service check in the firewall.
Twinge The Twinge DoS attack sends ICMP packets and cycles through using all ICMP types and
codes. This can crash some Windows systems.
UDP Short Header Enables the UDP Short Header denial of service check in the firewall.
WINNUKE The WINNUKE DoS attack sends a large amount of data to UDP port 137 to crash the Net
BIOS service on windows and can also result on high CPU utilization on the target machine.
Hop Limit Zero Enables the check for Hop Limit in IPv6 packets. If the value is zero, it is considered a DoS
and is blocked.
Multicast ICMPv6 The Multicast ICMPv6 attack sends multicast ICMPv6 packets. This is applicable to only
ICMPv6 Echo request/reply packets.
TCP Intercept Mobility Enables the detection of IPv6 TCP packets with mobility option Home-Address-Option
(HAO) or RH (Routing Header) type two and does not generate TCP syn cookies for these
packets.
To Next Page
Loading...
