Table 18: Denial Of Service Configuration Fields - D-Link DWL-8600AP User Manual
Dws-4000 series access points
Hide thumbs
Also See for DWL-8600AP:
- Administrator's manual (135 pages) ,
- Reference manual (36 pages) ,
- Installation manual (12 pages)
Table of Contents
Advertisement
D-Link UWS User Manual
Field
Denial of Service First
Fragment
Denial of Service Min TCP Hdr
Size
Denial of Service ICMP
Denial of Service Max ICMP
Size
Denial of Service L4 Port
Denial of Service SIP=DIP
Denial of Service TCP Flag
Denial of Service TCP
Fragment
• If you change any of the DoS settings, click Submit to apply the changes to the switch. To preserve the
changes across a switch reboot, you must perform a save.
D-Link
Oct. 2015
Table 18: Denial of Service Configuration Fields
Description
Enable or disable this option by selecting the corresponding line on the
pulldown entry field. Enabling First Fragment DoS prevention causes the
switch to drop packets that have a TCP header smaller then the configured
Min TCP Hdr Size. The factory default is disabled.
Specify the Min TCP Hdr Size allowed. If First Fragment DoS prevention is
enabled, the switch will drop packets that have a TCP header smaller then this
configured Min TCP Hdr Size. The factory default is disabled.
Enable or disable this option by selecting the corresponding line on the
pulldown entry field. Enabling ICMP DoS prevention causes the switch to drop
ICMP packets that have a type set to ECHO_REQ (ping) and a size greater than
the configured ICMP Pkt Size. The factory default is disabled.
Specify the Max ICMP Pkt Size allowed. If ICMP DoS prevention is enabled, the
switch will drop ICMP ping packets that have a size greater than this
configured Max ICMP Pkt Size. The factory default is disabled.
Enable or disable this option by selecting the corresponding line on the
pulldown entry field. Enabling L4 Port DoS prevention causes the switch to
drop packets that have TCP/UDP source port equal to TCP/UDP destination
port. The factory default is disabled.
Enable or disable this option by selecting the corresponding line on the
pulldown entry field. Enabling SIP=DIP DoS prevention causes the switch to
drop packets that have a source IP address equal to the destination IP address.
The factory default is disabled.
Enable or disable this option by selecting the corresponding line on the
pulldown entry field. Enabling TCP Flag DoS prevention causes the switch to
drop packets that have TCP flag SYN set and TCP source port less than 1024 or
TCP control flags set to 0 and TCP sequence number set to 0 or TCP flags FIN,
URG, and PSH set and TCP sequence number set to 0 or both TCP flags SYN and
FIN set. The factory default is disabled.
Enable or disable this option by selecting the corresponding line on the
pulldown entry field. Enabling TCP Fragment DoS prevention causes the
switch to drop packets that have an IP fragment offset equal to 1. The factory
default is disabled.
Denial of Service Protection
Unified Wired and Wireless Access System
Page 89
Hide quick links:
Advertisement
Table of Contents
