Cisco 350 Series Administration Manual page 512

Security
Denial of Service Prevention
STEP 1
STEP 2
STEP 3
STEP 4
STEP 5
STEP 6
Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4
To configure DoS Prevention global settings and monitor SCT:
Click Security > Denial of Service Prevention > Security Suite Settings.
CPU Protection Mechanism: Enabled indicates that SCT is enabled.
Click Details beside CPU Utilization to go to the
resource utilization information.
Click Edit beside TCP SYN Protection to set the feature.
Select DoS Prevention to enable the feature.
• Disable—Disable the feature.
• System-Level Prevention—Enable that part of the feature that prevents attacks from
Stacheldraht Distribution, Invasor Trojan, and Back Orifice Trojan.
• System-Level and Interface-Level Prevention—Enable that part of the feature that
prevents attacks from Stacheldraht Distribution, Invasor Trojan, and Back Orifice
Trojan.
If System-Level Prevention or System-Level and Interface-Level Prevention is selected,
enable one or more of the following DoS Prevention options:
• Stacheldraht Distribution—Discards TCP packets with source TCP port equal to
16660.
• Invasor Trojan—Discards TCP packets with destination TCP port equal to 2140 and
source TCP port equal to 1024.
• Back Orifice Trojan—Discards UDP packets with destination UDP port equal to
31337 and source UDP port equal to 1024.
Click the following as required:
• Martian Addresses—Click Edit to go to the
• SYN Filtering—Click Edit to go to the
• SYN Rate Protection—(In Layer 2 only) Click Edit to go to the
page.
• ICMP Filtering—Click Edit to go to the
• IP Fragmented—Click Edit to go to the
CPU Utilization page and view CPU
Martian Addresses
SYN Filtering page.
ICMP Filtering page.
IIP Fragments Filtering
17
page.
SYN Rate Protection
page.
369