Table of Contents
Advertisement
D-Link
One Minute High
Maximum Incomplete High
TCP Maximum Incomplete
Blocking Time
(min)
Denial of Service Thresholds
This is the rate of new half –open sessions that causes the
firewall to start deleting half open sessions. When the rate of
new connection attempts rises above this number, the DFL-1500
deletes half-open sessions as required to accommodate new
connection attempts.
This is the number of existing half-open sessions that causes the
firewall to start deleting half-open sessions. When the number of
existing half-open sessions rises above this number, the
DFL-1500 deletes half-open sessions as required to
accommodate new connection requests.
This is the number of existing half-open TCP sessions with the
same destination host IP address that causes the firewall to start
dropping half-open sessions to that same destination host IP
address. Enter a number between 1 and 250. As a general rule,
you should choose a smaller number for a smaller network, a
slower system or limited bandwidth.
When TCP Maximum Incomplete is reached you can choose if
the next session should be allowed or blocked. If you check
Blocking Time any new sessions will be blocked for the length
of time you specified in the next field (min) and all old
incomplete sessions will be cleared during this period. If you
want strong security, it is better to block the traffic for a short
time, as will give the server some time to digest the loading.
Enter the length of Blocking Time in minutes.
Table 8-2 Setup the Denial of Service Thresholds of attack alert
52
Part II
100
100
10
disabled
0
Advertisement
Table of Contents
