Dos Defense - Draytek VIGORFLY 200 User Manual

Draytek network router user manual

Hide thumbs Also See for VIGORFLY 200:

User manual (12 pages)

User manual (10 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

Table of Contents

As a sub-functionality of IP Filter/Firewall, there are 5 types of detect/ defense function in the

DoS Defense setup. The DoS Defense functionality is disabled for default.

Click Firewall and click DoS Defense to open the setup page.

Enable Dos Defense

Enable SYN flood defense

Enable UDP flood defense

Enable ICMP flood

defense

Enable Furtive port

scanner detection

Enable Ping of Death

Defense

VigorFly 200 Series User's Guide

Check the box to activate the DoS Defense Functionality.

Check the box to activate the SYN flood defense function.

Once detecting the Threshold of the TCP SYN packets from

the Internet has exceeded the defined value, the Vigor

router will start to randomly discard the subsequent TCP

SYN packets for a period defined in Timeout. The goal for

this is prevent the TCP SYN packets' attempt to exhaust the

limited-resource of Vigor router. By default, the threshold

and timeout values are set to 50 packets per second and 10

seconds, respectively.

Check the box to activate the UDP flood defense function.

Once detecting the Threshold of the UDP packets from the

Internet has exceeded the defined value, the Vigor router

will start to randomly discard the subsequent UDP packets

for a period defined in Timeout. The default setting for

threshold and timeout are 150 packets per second and 10

seconds, respectively.

Check the box to activate the ICMP flood defense function.

Similar to the UDP flood defense function, once if the

Threshold of ICMP packets from Internet has exceeded the

defined value, the router will discard the ICMP echo

requests coming from the Internet. The default setting for

threshold and timeout are 50 packets per second and 10

seconds, respectively.

Port Scan attacks the Vigor router by sending lots of packets

to many ports in an attempt to find ignorant services would

respond. Check the box to activate the Port Scan detection.

Whenever detecting this malicious exploration behavior, the

Vigor router will send out a warning.

Check the box to activate the Block Ping of Death function.

This attack involves the perpetrator sending overlapping

packets to the target hosts so that those target hosts will

hang once they re-construct the packets. The Vigor routers

Table of Contents

Show Quick Links

Hide quick links:

Table of Contents

Dos Defense - Draytek VIGORFLY 200 User Manual

Hide quick links:

Related Manuals for Draytek VIGORFLY 200

Related Content for Draytek VIGORFLY 200

Table of Contents