Denial Of Service Commands - NETGEAR M6100 Series Reference Manual
Hide thumbs
Also See for M6100 Series:
- Hardware installation manual (76 pages) ,
- Software setup manual (34 pages) ,
- Installation manual (20 pages)
Table of Contents
Advertisement
Serial Num: xxx xxx xxx
Mfg Name: xxx xxx xxx
Model Name: xxx xxx xxx
Asset ID: xxx xxx xxx
Location
Subtype: elin
Info: xxx xxx xxx
Extended POE
Device Type: pseDevice
Extended POE PSE
Available: 0.3 Watts
Source: primary
Priority: critical
Extended POE PD
Required: 0.2 Watts
Source: local
Priority: low
Denial of Service Commands
This section describes the commands you use to configure Denial of Service (DoS) Control.
NETGEAR Managed Switch software provides support for classifying and blocking specific
types of Denial of Service attacks. You can configure your system to monitor and block these
types of attacks:
•
SIP = DIP: Source IP address = Destination IP address.
•
First Fragment:TCP Header size smaller then configured value.
•
TCP Fragment: Allows the device to drop packets that have a TCP payload where the IP
payload length minus the IP header size is less than the minimum allowed TCP header
size.
•
TCP Flag: TCP Flag SYN set and Source Port < 1024 or TCP Control Flags = 0 and TCP
Sequence Number = 0 or TCP Flags FIN, URG, and PSH set and TCP Sequence
Number = 0 or TCP Flags SYN and FIN set.
•
L4 Port: Source TCP/UDP Port = Destination TCP/UDP Port.
•
ICMP: Limiting the size of ICMP Ping packets.
•
SMAC = DMAC: Source MAC address = Destination MAC address
•
TCP Port: Source TCP Port = Destination TCP Port
•
UDP Port: Source UDP Port = Destination UDP Port
M6100 Series Switches
Switching Commands
558
Advertisement
Chapters
Table of Contents
