C
ONFIGURING
THE
B
ARRICADE
4-60
• DoS Criteria and Port Scan Criteria
Set up DoS and port scan criteria in the spaces provided (as shown below).
Note: The firewall does not significantly affect system performance, so
we advise enabling the prevention features to protect your
network.
Parameter Defaults Description
Total incomplete
TCP/UDP sessions
HIGH
300
sessions
Defines the rate of new unestablished sessions
that will cause the software to start deleting
half-open sessions.
Total incomplete
TCP/UDP sessions
LOW
250
sessions
Defines the rate of new unestablished sessions
that will cause the software to stop deleting half-
open sessions.
Incomplete
TCP/UDP sessions
(per min) HIGH
250
sessions
Maximum number of allowed incomplete
TCP/UDP sessions per minute.
Incomplete
TCP/UDP sessions
(per min) LOW
200
sessions
Minimum number of allowed incomplete
TCP/UDP sessions per minute.
Maximum incomplete
TCP/UDP sessions
number from same
host
10 Maximum number of incomplete TCP/UDP
sessions from the same host.
Incomplete
TCP/UDP sessions
detect sensitive time
period
300
msec
Length of time before an incomplete
TCP/UDP session is detected as incomplete.
Maximum half-open
fragmentation packet
number from same
host
30 Maximum number of half-open fragmentation
packets from the same host.
Half-open
fragmentation detect
sensitive time period
10000
msec
Length of time before a half-open
fragmentation session is detected as half-open.
Flooding cracker
block time
300
second
Length of time from detecting a flood attack to
blocking the attack.
To Next Page
Loading...
