Dos-Protection Tcp-Null-Scan; Dos-Protection Tcp-Syn-Fin-Scan - Edge-Core ECS2100-10T Reference Manual

10/28-port web-smart pro gigabit ethernet switch

Chapter 9 | General Security Measures
Denial of Service Protection

Command Mode
Global Configuration
Example
Console(config)#dos-protection tcp-flooding bit-rate-in-kilo 65
Console(config)#

dos-protection tcp-null-scan
This command protects against DoS TCP-null-scan attacks in which a TCP NULL scan message is used to identify listening TCP ports. The scan uses a series of strangely configured TCP packets which contain a sequence number of 0 and no flags. If the target's TCP port is closed, the target replies with a TCP RST (reset) packet. If the target TCP port is open, it simply discards the TCP NULL scan. Use the no form to disable this feature.
Syntax
[no] dos-protection tcp-null-scan
Default Setting
Disabled
Command Mode
Global Configuration
Example
Console(config)#dos-protection tcp-null-scan
Console(config)#

dos-protection tcp-syn-fin-scan
This command protects against DoS TCP-SYN/FIN-scan attacks in which a TCP SYN/FIN scan message is used to identify listening TCP ports. The scan uses a series of strangely configured TCP packets which contain SYN (synchronize) and FIN (finish) flags. If the target's TCP port is closed, the target replies with a TCP RST (reset) packet. If the target TCP port is open, it simply discards the TCP SYN/FIN scan. Use the no form to disable this feature.
Syntax
[no] dos-protection tcp-syn-fin-scan
Default Setting
Disabled
Command Mode
Global Configuration
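
The two packet patterns described above can be recognized from the IPv4 and TCP headers alone, for instance when checking a capture taken behind the switch. The following is an added example, not code from the manual or from Edge-Core: the function names, the sample addresses and the exact matching rules (NULL = no flags and sequence number 0; SYN/FIN = both bits set regardless of other flags) are assumptions drawn from the descriptions above, not the switch's documented filter logic.

```python
import struct

# TCP flag bits, in the order they appear in byte 13 of the TCP header.
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20
FLAG_MASK = FIN | SYN | RST | PSH | ACK | URG


def classify_ipv4_tcp(packet: bytes):
    """Return 'tcp-null-scan', 'tcp-syn-fin-scan' or None for a raw IPv4 packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None                      # not IPv4, or truncated
    ihl = (packet[0] & 0x0F) * 4         # IPv4 header length in bytes
    frag = struct.unpack("!H", packet[6:8])[0]
    if ihl < 20 or packet[9] != 6 or frag & 0x1FFF:
        return None                      # bad IHL, not TCP, or non-first fragment
    tcp = packet[ihl:ihl + 20]
    if len(tcp) < 20:
        return None                      # TCP header truncated
    seq = struct.unpack("!I", tcp[4:8])[0]
    flags = tcp[13] & FLAG_MASK
    if flags == 0 and seq == 0:
        return "tcp-null-scan"           # manual: sequence number 0 and no flags
    if flags & SYN and flags & FIN:
        return "tcp-syn-fin-scan"        # manual: SYN and FIN set together
    return None


def build_packet(flags: int, seq: int) -> bytes:
    """Constructed sample: minimal IPv4+TCP packet (checksums left at zero)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
    tcp = struct.pack("!HHIIBBHHH", 40000, 22, seq, 0, 5 << 4, flags, 1024, 0, 0)
    return ip + tcp


if __name__ == "__main__":
    samples = {"null": build_packet(0, 0),
               "syn+fin": build_packet(SYN | FIN, 1000),
               "syn": build_packet(SYN, 1000),
               "fin+ack": build_packet(FIN | ACK, 1000)}
    for name, pkt in samples.items():
        print(f"{name:8} -> {classify_ipv4_tcp(pkt)}")
```

Ordinary connection setup (SYN alone) and teardown (FIN with ACK) fall through to None, so only the two flag combinations the commands target are reported.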