Denial of Service Commands
The following list shows the DoS attack detection PowerConnect supports.
Some platforms do not support detection for all of the DoS attack types in
the list.
•
SIP=DIP:
–
Source IP address = Destination IP address.
•
First Fragment:
–
TCP Header size smaller then configured value.
•
TCP Fragment:
–
IP Fragment Offset = 1.
•
TCP Flag:
–
TCP Flag SYN set and Source Port < 1024 or TCP Control Flags = 0
and
–
TCP Sequence Number = 0 or TCP Flags FIN, URG, and PSH set
and
–
TCP Sequence Number = 0 or TCP Flags SYN and FIN set.
•
L4 Port:
–
Source TCP/UDP Port = Destination TCP/UDP Port.
•
ICMP:
–
Limiting the size of ICMP Ping packets.
•
SMAC=DMAC:
–
Source MAC address = Destination MAC address.
•
TCP Port:
–
Source TCP Port = Destination TCP Port.
•
UDP Port:
–
Source UDP Port = Destination UDP Port.
•
TCP Flag & Sequence:
Denial of Service Commands
66
1453