DXS-3227, DXS-3227P, DXS-3250 and DXS-3250E EWS User Guide
Enabling SYN Filtering
SYN attacks occur when TCP SYN packets are sent to open connections that are never completed. SYN attacks
congest network queues and deny service to legitimate TCP users. SYN Protection allows
network managers to drop illegal TCP packets. SYN Protection Filtering is defined on a per-port basis. To enable
SYN Filtering:
1. Click Advanced Setup > Security Suite > DOS Attacks > SYN Filtering. The SYN Filtering Page opens:
Figure 86: SYN Filtering Page
The SYN Filtering Page contains the following fields:
• Interface — Defines the port/LAG on which SYN protection is enabled.
• IP Address — Defines the IP address on which SYN protection is enabled.
• Mask — Defines the Destination IP address network mask. The default is 255.255.255.255.
• TCP Port — Indicates the destination TCP port types for which SYN protection is enabled. The possible field values are:
  – Known Ports — Contains a list of known TCP destination ports. The possible field values are:
    – HTTP — Defines the HTTP TCP port on which SYN filtering is enabled.
    – FTP-Control — Defines the FTP-Control TCP port on which SYN filtering is enabled.
    – FTP-Data — Defines the FTP-Data TCP port on which SYN filtering is enabled.
    – SSH — Defines the SSH TCP port on which SYN filtering is enabled.
    – Telnet — Defines the Telnet TCP port on which SYN filtering is enabled.