Dos Defense - Draytek vigor2920 series User Manual
Dual-wan security router
Hide thumbs
Also See for vigor2920 series:
- User manual (434 pages) ,
- User manual (355 pages) ,
- User manual (251 pages)
Table of Contents
Advertisement
4
.
4
.
4
D
o
S
D
e
f
e
n
s
4
.
4
.
4
D
o
S
D
e
f
e
n
s
As a sub-functionality of IP Filter/Firewall, there are 15 types of detect/ defense function in
the DoS Defense setup. The DoS Defense functionality is disabled for default.
Click Firewall and click DoS Defense to open the setup page.
Available settings are explained as follows:
Item
Enable Dos Defense
Select All
Enable SYN flood
defense
Enable UDP flood
defense
e
e
Description
Check the box to activate the DoS Defense Functionality.
Click this button to select all the items listed below.
Check the box to activate the SYN flood defense function.
Once detecting the Threshold of the TCP SYN packets from
the Internet has exceeded the defined value, the Vigor router
will start to randomly discard the subsequent TCP SYN
packets for a period defined in Timeout. The goal for this is
prevent the TCP SYN packets' attempt to exhaust the
limited-resource of Vigor router.
By default, the threshold and timeout values are set to 50
packets per second and 10 seconds, respectively. That means,
when 50 packets per second received, they will be regarded as
"attack event" and the session will be paused for 10 seconds.
Check the box to activate the UDP flood defense function. Once
detecting the Threshold of the UDP packets from the Internet
has exceeded the defined value, the Vigor router will start to
randomly discard the subsequent UDP packets for a period
defined in Timeout.
The default setting for threshold and timeout are 150 packets per
173
Vigor2920 Series User's Guide
Advertisement
Table of Contents
Need help?
Do you have a question about the vigor2920 series and is the answer not in the manual?
Questions and answers