D-Link DXS-3400 User Manual - Page 377
DoS Attack Prevention Settings, Ping of Death Attack
View all D-Link DXS-3400 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 377 highlights
DXS-3400 Series Lite Layer 3 Stackable 10GbE Managed Switch Web UI Reference Guide The additional fields that can be configured in Storm Control Port Settingsare described below: Parameter KBPS Rise KBPS Low Description Enter the rise KBPS value used here. This option specifies the rise threshold value as a rate of kilobits per second at which traffic is received on the port. This value must be between 1and2147483647 Kbps. Enter the low KBPS value used here. This option specifies the low threshold value as a rate of kilobits per second at which traffic is received on the port. This value must be between 1and2147483647 Kbps. If the low KBPS is not specified, the default value is 80% of the specified risen KBPS. Click the Apply button to accept the changes made. After selecting the Leveloption as the Level Type, the following parameters are available. Figure 9-86Storm Control (Level Type - Level) Window The additional fields that can be configured in Storm Control Port Settingsare described below: Parameter Level Rise Level Low Description Enter the rise level value used here. This option specifies the rise threshold value as a percentage of the total bandwidth per port at which traffic is received on the port. This value must be between 1%and 100%. Enter the low level value used here. This option specifies the low threshold value as a percentage of the total bandwidth per port at which traffic is received on the port. This value must be between 1%and 100%. If the low level is not specified, the default value is 80% of the specified risen level. Click the Apply button to accept the changes made. DoS Attack Prevention Settings This window is used to display and configure the Denial-of-Service (DoS) attack prevention settings. The following well-known DoS types which can be detected by most Switches: • Land Attack: This type of attack involves IP packets where the source and destination address are set to the address of the target device. It may cause the target device to reply to itself continuously. • Blat Attack: This type of attack will send packets with the TCP/UDP source port equal to the destination port of the target device. It may cause the target device to respond to itself. • TCP-Null: This type of attack involves port scanning by using specific packets which contain a sequence number of 0 and no flags. • TCP-Xmas: This type of attack involves port scanning by using specific packets which contain a sequence number of 0 and the Urgent (URG), Push (PSH), and FIN flags. • TCPSYN-FIN: This type of attack involves port scanning by using specific packets which contain SYN and FIN flags. • TCP SYN SrcPort Less 1024: This type of attack involves port scanning by using specific packets which contain source port 0 to 1023 and SYN flag. • Ping of Death Attack: A ping of death is a type of attack on a computer that involves sending a malformed or otherwise a malicious ping to a computer. A ping is normally 64 bytes in size (many computers cannot handle a 367