D-Link DSS-200G-28MP Product Manual - Page 83

Storm Control, DoS Attack Prevention Settings, Storm Control Port Settings

Get D-Link DSS-200G-28MP PDF manuals and user guides View all D-Link DSS-200G-28MP manuals
Add to My Manuals
Save this manual to your list of manuals

Page 83 highlights

D-Link DSS-200G MP/MPP series Switch User Manual The fields that can be configured are described below: Parameter Description From Port / To Port Select the receiving port range used for the configuration here. From Forward Port / To Select the forward port range used for the configuration here. Forward Port Click the Add button to add a new entry based on the information entered. Click the Delete button to remove an entry based on the information entered. Storm Control This window is used to view and configure the storm control settings. Once a packet storm has been detected, the switch will drop packets coming into the switch until the storm has subsided. To view the following window, click Security > Storm Control, as shown below: Figure 4-53 Storm Control window The fields that can be configured for Storm Control Port Settings are described below: Parameter From Port / To Port Type Rate Limit Description Select the appropriate port range used for the configuration here. Select the type of storm attack that will be controlled here. Options to choose from are None, Broadcast, Multicast, and Unicast. Select a data rate from 16Kbps to 512Mbps. Click the Apply button to accept the changes made. DoS Attack Prevention Settings This window is used to view and configure the Denial-of-Service (DoS) attack prevention settings. The following well-known DoS types which can be detected by most switches: • Land Attack: This type of attack involves IP packets where the source and destination address are set to the address of the target device. It may cause the target device to reply to itself continuously. • Blat Attack: This type of attack will send packets with the TCP/UDP source port equal to the destination port of the target device. It may cause the target device to respond to itself. • TCP Null Scan: This type of attack involves port scanning by using specific packets which contain a sequence number of 0 and no flags. • TCP Xmascan: This type of attack involves port scanning by using specific packets which contain a sequence number of 0 and the Urgent (URG), Push (PSH), and FIN flags. • TCPSYN-FIN: This type of attack involves port scanning by using specific packets which contain SYN and FIN flags. 78

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
D-Link DSS-200G MP/MPP series Switch User Manual
78
The fields that can be configured are described below:
Parameter
Description
From Port / To Port
Select the receiving port range used for the configuration here.
From Forward Port / To
Forward Port
Select the forward port range used for the configuration here.
Click the
Add
button to add a new entry based on the information entered.
Click the
Delete
button to remove an entry based on the information entered.
Storm Control
This window is used to view and configure the storm control settings. Once a packet storm has been
detected, the switch will drop packets coming into the switch until the storm has subsided.
To view the following window, click
Security > Storm Control
, as shown below:
Figure 4-53 Storm Control window
The fields that can be configured for
Storm Control Port Settings
are described below:
Parameter
Description
From Port / To Port
Select the appropriate port range used for the configuration
here.
Type
Select the type of storm attack that will be controlled here.
Options to choose from are
None,
Broadcast
,
Multicast
, and
Unicast
.
Rate Limit
Select a data rate from 16Kbps to 512Mbps.
Click the
Apply
button to accept the changes made.
DoS Attack Prevention Settings
This window is used to view and configure the Denial-of-Service (DoS) attack prevention settings. The
following well-known DoS types which can be detected by most switches:
Land Attack:
This type of attack involves IP packets where the source and destination
address are set to the address of the target device. It may cause the target device to reply to
itself continuously.
Blat Attack
: This type of attack will send packets with the TCP/UDP source port equal to the
destination port of the target device. It may cause the target device to respond to itself.
TCP Null Scan:
This type of attack involves port scanning by using specific packets which
contain a sequence number of 0 and no flags.
TCP Xmascan:
This type of attack involves port scanning by using specific packets which
contain a sequence number of 0 and the Urgent (URG), Push (PSH), and FIN flags.
TCPSYN-FIN:
This type of attack involves port scanning by using specific packets which
contain SYN and FIN flags.