Netgear GSM4248P User Manual - Page 545
Denial of Service TCP FIN&URG&PSH, Denial of Service TCP Flag&Sequence
View all Netgear GSM4248P manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 545 highlights
AV Line of Fully Managed Switches M4250 Series Main User Manual • Denial of Service ICMPv4: Enabling ICMPv4 DoS prevention causes the switch to drop ICMPv4 packets with a type set to ECHO_REQ (ping) and a size greater than the configured ICMPv4 packet size. By default, this option is disabled. • Denial of Service Max ICMPv4 Packet Size: Specify the maximum ICMPv4 packet size allowed. If ICMPv4 DoS prevention is enabled, the switch drops ICMPv4 ping packets with a size greater than the configured value. The range is from 0 to 16376. The default value is 512. • Denial of Service ICMPv6: Enabling ICMPv6 DoS prevention causes the switch to drop ICMPv6 packets with a type set to ECHO_REQ (ping) and a size greater than the configured ICMPv6 packet size. By default, this option is disabled. • Denial of Service Max ICMPv6 Packet Size: Specify the maximum ICMPv6 packet size allowed. If ICMPv6 DoS prevention is enabled, the switch drops ICMPv6 ping packets with a size greater than the configured value. The range is from 0 to 16376. The default value is 512. • Denial of Service First Fragment: Enabling first fragment DoS prevention causes the switch to check the DoS options on the first fragment of a fragmented IP packet. Otherwise, the switch ignores the first fragment of a fragmented IP packet. By default, this option is disabled. • Denial of Service ICMP Fragment: Enabling ICMP Fragment DoS prevention causes the switch to drop ICMP fragmented packets. By default, this option is disabled. • Denial of Service SIP=DIP: Enabling SIP=DIP DoS prevention causes the switch to drop packets with a source IP address equal to the destination IP address. By default, this option is disabled. • Denial of Service SMAC=DMAC: Enabling SMAC=DMAC DoS prevention causes the switch to drop packets with a source MAC address equal to the destination MAC address. By default, this option is disabled. • Denial of Service TCP FIN&URG&PSH: Enabling TCP FIN & URG & PSH DoS prevention causes the switch to drop packets with TCP flags FIN, URG, and PSH set and the TCP sequence number equal to 0. By default, this option is disabled. • Denial of Service TCP Flag&Sequence: Enabling TCP Flag DoS prevention causes the switch to drop packets with TCP control flags set to 0 and the TCP sequence number set to 0. By default, this option is disabled. • Denial of Service TCP Fragment: Enabling TCP Fragment DoS prevention causes the switch to drop packets with a TCP payload for which the IP payload length minus the IP header size is less than the minimum allowed TCP header size. By default, this option is disabled. • Denial of Service TCP Offset: Enabling TCP Offset DoS prevention causes the switch to drop packets with a TCP header offset set to 1. By default, this option is disabled. • Denial of Service TCP Port: Enabling TCP Port DoS prevention causes the switch to drop packets for which the TCP source port is equal to the TCP destination port. By default, this option is disabled. Manage Switch Security 545 Main User Manual