JetStream 52-Port Gigabit Stackable L3 Managed Switch CLI Guide
Chapter 15 DoS Defend Commands
DoS (Denial of Service) Attack is to occupy the network bandwidth maliciously by the network
attackers or the evil programs sending a lot of service requests to the Host. With the DoS
Defend enabled, the switch can analyze the specific field of the received packets and provide
the defend measures to ensure the normal working of the local network.
15.1 ip dos-prevent type
Description
The ip dos-prevent type command is used to enable the specified DoS
Defend Type. To disable the corresponding Defend Type, please use no ip
dos-prevent type command.
Syntax
ip dos-prevent type { land | scan-synfin | xma-scan | null-scan |
port-less-1024 | blat | ping-flood | syn-flood | win-nuke }
no ip dos-prevent type { land | scan-synfin | xma-scan | null-scan |
port-less-1024 | blat | ping-flood | syn-flood | win-nuke }
Parameter
land —— Land attack.
scan-synfin —— Scan SYNFIN attack.
xma-scan —— Xma Scan attack.
null-scan —— NULL Scan attack.
port-less-1024 ——The SYN packets whose Source Port less than 1024.
blat —— Blat attack.
ping-flood —— Ping flooding attack. With the ping flood attack enabled, the
switch will limit automatically the forwarding speed of ping packets to 512K
when attacked by ping flood.
syn-flood —— SYN/SYN-ACK flooding attack. With the syn-flood attack
enabled, the switch will limit automatically the forwarding speed of ping
packets to 512K when attacked by syn-flood.
win-nuke —— winNuke attack.
92
To Next Page
Loading...
