Netgear GS748Tv4 GS748Tv4 Software Administration Manual - Page 46

GS748T Smart Switch Software Administration Manual • TCP Fragment: TCP Header size is smaller than the configured value. Enable or disable this option by selecting the corresponding line on the radio button. Enabling TCP Fragment DoS prevention causes the switch to drop packets that have a TCP header smaller than the configured Min TCP Hdr Size. The factory default is disabled. • TCP Flag: Enable or disable this option by selecting the corresponding line on the radio button. Enabling TCP Flag DoS prevention causes the switch to drop packets that have TCP flag SYN set and TCP source port less than 1024 or TCP control flags set to 0 and TCP sequence number set to 0 or TCP flags FIN, URG, and PSH set and TCP sequence number set to 0 or both TCP flags SYN and FIN set. The factory default is disabled. • L4 Port: Enable or disable this option by selecting the corresponding line on the radio button. Enabling L4 Port DoS prevention causes the switch to drop packets that have TCP/UDP source port equal to TCP/UDP destination port. The factory default is disabled. • ICMP: Enable or disable this option by selecting the corresponding line on the radio button. Enabling ICMP DoS prevention causes the switch to drop ICMP packets that have a type set to ECHO_REQ (ping) and a size greater than the configured ICMP Pkt Size. The factory default is disabled. Auto-DoS Configuration The Auto-DoS Configuration page lets you automatically enable all the DoS features available on the switch, except for the L4 Port attack. See the previous section for information about the types of DoS attacks the switch can monitor and block. To access the Auto-DoS Configuration page, click System > Management > Denial of Service > Auto-DoS Configuration. To configure the Auto-DoS feature: 1. Select a radio button to enable or disable Auto-DoS: • Disable. Auto-DoS is disabled (default). 46 | Chapter 2: Configuring System Information