TP-Link T1600G-18TSTL-SG2216 T1600G-18TSUN V1 Configuration Guide - Page 591
Click, Follow these steps to con DoS Defend, SYN sPort less, Blat Attack, Ping Flooding
View all TP-Link T1600G-18TSTL-SG2216 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 591 highlights
Configuring Network Security DoS Defend Configuration SYN sPort less 1024 Blat Attack Ping Flooding SYN/SYN-ACK Flooding WinNuke Attack Smurf Attack Ping Of Death 3) Click Apply. The attacker sends the illegal packet with its TCP SYN field set to 1 and source port smaller than 1024. The attacker sends the illegal packet with the same source port and destination port on Layer 4 and with its URG field set to 1. Similar to the Land Attack, the system performance of the attacked host is reduced because the Host circularly attempts to build a connection with the attacker. The attacker floods the destination system with Ping packets, creating a broadcast storm that makes it impossible for the system to respond to legal communication. The attacker uses a fake IP address to send TCP request packets to the server. Upon receiving the request packets, the server responds with SYN-ACK packets. Since the IP address is fake, no response will be returned. The server will keep on sending SYN-ACK packets. If the attacker sends overflowing fake request packets, the network resource will be occupied maliciously and the requests of the legal clients will be denied. Because the Operation System with bugs cannot correctly process the URG (Urgent Pointer) of TCP packets, the attacker sends this type of packets to the TCP port139 (NetBIOS) of the host with the Operation System bugs, which will cause the host with a blue screen. The attacker broadcasts large numbers of Internet Control Message Protocol (ICMP) packets with the intended victim's spoofed source IP to a computer network using an IP broadcast address. Most devices on a network will respond to this by sending a reply to the source IP address. If the number of devices on the network that receive and respond to these packets is very large, the victim's host will be flooded with traffic, which can slow down the victim's host and cause the host impossible to work on. The attacker sends an improperly large Internet Control Message Protocol (ICMP) echo request packet, or a ping packet, with the purpose of overflowing the input buffers of the destination host and causing the host to crash. Note: If a port is in an LAG, its 802.1X authentication function cannot be enabled. Also, a port with 802.1X authentication enabled cannot be added to any LAG. 5.2 Using the CLI Follow these steps to configure DoS Defend: Step 1 configure Enter global configuration mode. Step 2 ip dos-prevent Globally enable the DoS defend feature. Configuration Guide 568