Dell PowerConnect 6248 Configuration Guide - Page 54

Denial of Service Attack Protection, Overview

Get Dell PowerConnect 6248 PDF manuals and user guides View all Dell PowerConnect 6248 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 54 highlights

Denial of Service Attack Protection This section describes the PowerConnect 6200 Series Denial of Service Protection feature. Overview Denial of Service: • Spans two categories: - Protection of the switch - Protection of the network • Protects against the exploitation of a number of vulnerabilities which would make the host or network unstable • Compliant with Nessus. Dell tested the switch software with Nessus version 2.0.10. Nessus is a widelyused vulnerability assessment tool. • PowerConnect 6200 Series software provides a number of features that help a network administrator protect networks against DoS attacks. There are 6 available types of attacks which can be monitored for and blocked. Each type of attack is represented by a dos-control command keyword. console(config)#dos-control ? firstfrag icmp l4port sipdip tcpflag tcpfrag Enables IPv4 first fragment checking. Enables ICMP size checking. Enables L4 port number checking. Enables SIP=DIP checking. Enables TCP flag checking. Enables TCP fragment checking. 54 Switching Configuration

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
54
Switching Configuration
Denial of Service Attack Protection
This section describes the PowerConnect 6200 Series Denial of Service Protection feature.
Overview
Denial of Service:
Spans two categories:
Protection of the switch
Protection of the network
Protects against the exploitation of a number of vulnerabilities which would make the host or network
unstable
Compliant with Nessus. Dell tested the switch software with Nessus version 2.0.10. Nessus is a widely-
used vulnerability assessment tool.
PowerConnect 6200 Series software provides a number of features that help a network administrator
protect networks against DoS attacks.
There are 6 available types of attacks which can be monitored for and blocked. Each type of attack is
represented by a
dos-control
command keyword.
console(config)#dos-control ?
firstfrag
Enables IPv4 first fragment checking.
icmp
Enables ICMP size checking.
l4port
Enables L4 port number checking.
sipdip
Enables SIP=DIP checking.
tcpflag
Enables TCP flag checking.
tcpfrag
Enables TCP fragment checking.