Edge-Core ECS4620-28T Quick Start Manual page 372
28/52-port l3 stackable gigabit ethernet switch
Hide thumbs
Also See for ECS4620-28T:
- Installation manual (59 pages) ,
- Quick start manual (9 pages) ,
- Cli reference manual (1260 pages)
Table of Contents
Advertisement
Chapter 12
| Security Measures
DoS Protection
◆
Smurf Attack – Attacks in which a perpetrator generates a large amount of
spoofed ICMP Echo Request traffic to the broadcast destination IP address
(255.255.255.255), all of which uses a spoofed source address of the intended
victim. The victim should crash due to the many interrupts required to send
ICMP Echo response packets. (Default: Enabled)
◆
TCP Flooding Attack – Attacks in which a perpetrator sends a succession of
TCP SYN requests (with or without a spoofed-Source IP) to a target and never
returns ACK packets. These half-open connections will bind resources on the
target, and no new connections can be made, resulting in a denial of service.
(Default: Disabled)
◆
TCP Flooding Attack Rate – Maximum allowed rate. (Range: 64-2000 kbits/
second; Default: 1000 kbits/second)
◆
TCP Null Scan – A TCP NULL scan message is used to identify listening TCP
ports. The scan uses a series of strangely configured TCP packets which contain
a sequence number of 0 and no flags. If the target's TCP port is closed, the
target replies with a TCP RST (reset) packet. If the target TCP port is open, it
simply discards the TCP NULL scan. (Default: Enabled)
◆
TCP-SYN/FIN Scan – A TCP SYN/FIN scan message is used to identify listening
TCP ports. The scan uses a series of strangely configured TCP packets which
contain SYN (synchronize) and FIN (finish) flags. If the target's TCP port is
closed, the target replies with a TCP RST (reset) packet. If the target TCP port is
open, it simply discards the TCP SYN FIN scan. (Default: Enabled)
◆
TCP Xmas Scan – A so-called TCP XMAS scan message is used to identify
listening TCP ports. This scan uses a series of strangely configured TCP packets
which contain a sequence number of 0 and the URG, PSH and FIN flags. If the
target's TCP port is closed, the target replies with a TCP RST packet. If the target
TCP port is open, it simply discards the TCP XMAS scan. (Default: Enabled)
◆
TCP/UDP Packets with Port 0 – Protects against DoS attacks in which the TCP
or UDP source port or destination port is set to zero. This technique may be
used as a form of DoS attack, or it may just indicate a problem with the source
device. When this command is enabled, the switch will drop these packets.
(Default: Enabled)
◆
UDP Flooding Attack – Attacks in which a perpetrator sends a large number of
UDP packets (with or without a spoofed-Source IP) to random ports on a
remote host. The target will determine that application is listening at that port,
and reply with an ICMP Destination Unreachable packet. It will be forced to
send many ICMP packets, eventually leading it to be unreachable by other
clients. (Default: Disabled)
◆
UDP Flooding Attack Rate – Maximum allowed rate. (Range: 64-2000 kbits/
second; Default: 1000 kbits/second)
– 366 –
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
