Dos Attack Prevention Settings - D-Link DXS-3400 SERIES Web Ui Reference Manual
Lite layer 3 stackable 10gbe managed switch
Hide thumbs
Also See for DXS-3400 SERIES:
- Hardware installation manual (61 pages) ,
- How to set up (2 pages) ,
- Quick start manual (3 pages)
Table of Contents
Advertisement
DXS-3400 Series Lite Layer 3 Stackable 10GbE Managed Switch Web UI Reference Guide
The additional fields that can be configured in Storm Control Port Settings are described below:
Parameter
KBPS Rise
KBPS Low
Click the Apply button to accept the changes made.
After selecting the Level option as the Level Type, the following parameters are available.
The additional fields that can be configured in Storm Control Port Settings are described below:
Parameter
Level Rise
Level Low
Click the Apply button to accept the changes made.
DoS Attack Prevention Settings
This window is used to display and configure the Denial-of-Service (DoS) attack prevention settings. The following
well-known DoS types which can be detected by most Switches:
• Land Attack: This type of attack involves IP packets where the source and destination address are set to the
address of the target device. It may cause the target device to reply to itself continuously.
• Blat Attack: This type of attack will send packets with the TCP/UDP source port equal to the destination port of
the target device. It may cause the target device to respond to itself.
• TCP-Null: This type of attack involves port scanning by using specific packets which contain a sequence
number of 0 and no flags.
• TCP-Xmas: This type of attack involves port scanning by using specific packets which contain a sequence
number of 0 and the Urgent (URG), Push (PSH), and FIN flags.
• TCP SYN-FIN: This type of attack involves port scanning by using specific packets which contain SYN and FIN
flags.
• TCP SYN SrcPort Less 1024: This type of attack involves port scanning by using specific packets which
contain source port 0 to 1023 and SYN flag.
• Ping of Death Attack: A ping of death is a type of attack on a computer that involves sending a malformed or
otherwise a malicious ping to a computer. A ping is normally 64 bytes in size (many computers cannot handle a
ping larger than the maximum IP packet size which is 65535 bytes). The sending of a ping of this size can crash
the target computer. Traditionally, this bug has been relatively easy to exploit. Generally, sending a 65536 byte
Description
Enter the rise KBPS value used here. This option specifies the rise threshold
value as a rate of kilobits per second at which traffic is received on the port. This
value must be between 0 and 2147483647 Kbps.
Enter the low KBPS value used here. This option specifies the low threshold value
as a rate of kilobits per second at which traffic is received on the port. This value
must be between 0 and 2147483647 Kbps. If the low KBPS is not specified, the
default value is 80% of the specified risen KBPS.
Figure 9-86 Storm Control (Level Type - Level) Window
Description
Enter the rise level value used here. This option specifies the rise threshold value
as a percentage of the total bandwidth per port at which traffic is received on the
port. This value must be between 0% and 100%.
Enter the low level value used here. This option specifies the low threshold value
as a percentage of the total bandwidth per port at which traffic is received on the
port. This value must be between 0% and 100%. If the low level is not specified,
the default value is 80% of the specified risen level.
359
- Quick Links:
- 802.1Q Vlan
Hide quick links:
Advertisement
Table of Contents
