Dell PowerConnect 6248 User's Guide - Page 193
Denial of Service, Denial of Service TCP Fragment
View all Dell PowerConnect 6248 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 193 highlights
Denial of Service Denial of Service refers to the exploitation of a variety of vulnerabilities which would interrupt the service of a host or make a network unstable. Use the Denial of Service page to configure settings to help prevent denial of service attacks. To display the Denial of Service page, click System →Management Security →Denial of Service in the tree view. Figure 6-64. Denial of Service The Denial of Service page contains the following fields: • Denial of Service SIP=DIP - Enabling SIP=DIP DoS prevention causes the switch to drop packets that have a source IP address equal to the destination IP address. • Denial of Service First Fragment - Enabling First Fragment DoS prevention causes the switch to drop packets that have a TCP header smaller than the configured minimum TCP header size (Min TCP Hdr Size). • Denial of Service Min TCP Hdr Size - Specify the minimum TCP header size allowed. If First Fragment DoS prevention is enabled, the switch will drop packets that have a TCP header smaller then this configured value. • Denial of Service TCP Fragment - Enabling TCP Fragment DoS prevention causes the switch to drop packets that have an IP fragment offset equal to one. • Denial of Service TCP Flag - Enabling TCP Flag DoS prevention causes the switch to drop packets that meet any of the following conditions: - TCP flag SYN set and TCP source port less than 1024 - TCP control flags set to 0 and TCP sequence number set to 0 - TCP flags FIN, URG, and PSH set and TCP sequence number set to 0 Configuring System Information 193