Denial of Service Commands
Dell EMC Networking N1100-ON/N1500/N2000/N2100-
ON/N3000/N3100-ON/N4000 Series Switches
The Dell EMC Networking DoS capability supports a package of filters
intended to provide network administrators the ability to reduce network
exposure to common attack vectors. The following list shows the DoS attack
detection Dell EMC Networking supports.
•
SIP=DIP:
–
Source IP address = Destination IP address.
•
First Fragment:
–
TCP Header size smaller then configured value.
•
TCP Fragment:
–
IP Fragment Offset = 1.
•
TCP Flag:
–
TCP Flag SYN set and Source Port < 1024 or TCP Control Flags = 0
and
–
TCP Sequence Number = 0 or TCP Flags FIN, URG, and PSH set
and
–
TCP Sequence Number = 0 or TCP Flags SYN and FIN set.
•
L4 Port:
–
Source TCP/UDP Port = Destination TCP/UDP Port.
•
ICMP:
–
Limiting the size of ICMP Ping packets.
•
SMAC=DMAC:
–
Source MAC address = Destination MAC address.
•
TCP Port:
–
Source TCP Port = Destination TCP Port.
•
UDP Port:
–
Source UDP Port = Destination UDP Port.
•
TCP Flag & Sequence:
Security Commands
1021