Netgear GS110TP GS108T/ GS110TP Smart Switch Software Administration Manual - Page 42

GS108T and GS110TP Smart Switch Software Administration Manual Denial of Service Use the Denial of Service (DoS) page to configure DoS control. The switch software provides support for classifying and blocking specific types of DoS attacks. You can configure your system to monitor and block six types of attacks: • SIP=DIP: Source IP address = Destination IP address. • First Fragment: TCP Header size is smaller than the configured value. • TCP Fragment: IP Fragment Offset = 1. • TCP Flag: TCP Flag SYN set and Source Port < 1024 or TCP Control Flags = 0 and TCP Sequence Number = 0 or TCP Flags FIN, URG, and PSH set and TCP Sequence Number = 0 or TCP Flags SYN and FIN set. • L4 Port: Source TCP/UDP Port = Destination TCP/UDP Port. • ICMP: Limiting the size of ICMP Ping packets. Auto-DoS Configuration The Auto-DoS Configuration page lets you automatically enable all the DoS features available on the switch, except for the L4 Port attack. See the previous section for information about the types of DoS attacks the switch can monitor and block. To access the Auto-DoS Configuration page, click System  Management  Denial of Service > Auto-DoS Configuration. To configure the Auto-DoS feature: 1. Select a radio button to enable or disable Auto-DoS: • Disable. Auto-DoS is disabled (default). • Enable. Auto-DoS is enabled. 2. Click Apply to send the updated configuration to the switch. Configuration changes occur immediately. 3. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 42 | Chapter 2: Configuring System Information