Table of Contents
Advertisement
•
DoS Detect Criteria
Set up DoS and port scan criteria in the spaces provided (as shown below).
Parameter
Total incomplete
TCP/UDP sessions
HIGH
Total incomplete
TCP/UDP sessions
LOW
Incomplete
TCP/UDP sessions
(per min) HIGH
Incomplete
TCP/UDP sessions
(per min) LOW
Maximum incomplete
TCP/UDP sessions
number from same
host
Incomplete
TCP/UDP sessions
detect sensitive time
period
Maximum half-open
fragmentation packet
number from same
host
Half-open
fragmentation detect
sensitive time period
Flooding cracker
block time
Note: The firewall does not significantly affect system performance, so
we advise enabling the prevention features to protect your
network.
Defaults
Description
300
Defines the rate of new unestablished sessions
sessions
that will cause the software to start deleting
half-open sessions.
250
Defines the rate of new unestablished sessions
sessions
that will cause the software to stop deleting half-
open sessions.
250
Maximum number of allowed incomplete
sessions
TCP/UDP sessions per minute.
200
Minimum number of allowed incomplete
sessions
TCP/UDP sessions per minute.
10
Maximum number of incomplete TCP/UDP
sessions from the same host.
300
Length of time before an incomplete
msec
TCP/UDP session is detected as incomplete.
30
Maximum number of half-open fragmentation
packets from the same host.
10000
Length of time before a half-open
msec
fragmentation session is detected as half-open.
300 sec
Length of time from detecting a flood attack to
blocking the attack.
A
S
DVANCED
ETUP
4-51
Advertisement
Table of Contents
