D-Link DFL-1600 Reference Guide
Parameters
client_ip
2.47.43. disallow_clientkeyexchange (ID: 03700501)
Default Severity
Log Message
SSL Handshake: Disallow ClientKeyExchange. Closing down SSL
connection
connection
Explanation
The SSL connection will be closed because there are not enough
resources to process any ClientKeyExchange messages at the moment.
This could be a result of SSL handshake message flooding. This action
is triggered by a system that monitors the amount of resources that is
spent on key exchanges. This system is controlled by the advanced
setting SSL_ProcessingPriority.
resources to process any ClientKeyExchange messages at the moment.
This could be a result of SSL handshake message flooding. This action
is triggered by a system that monitors the amount of resources that is
spent on key exchanges. This system is controlled by the advanced
setting SSL_ProcessingPriority.
Gateway Action
ssl_close
Recommended Action
Investigate the source of this, and try to find out if it is a part of a
possible attack, or normal traffic.
possible attack, or normal traffic.
Revision
2
Parameters
client_ip
2.47.44. bad_packet_order (ID: 03700502)
Default Severity
Log Message
Bad SSL Handshake packet order. Closing down SSL connection
Explanation
Two or more SSL Handshake message were received in the wrong
order, and the SSL connection is closed.
order, and the SSL connection is closed.
Gateway Action
ssl_close
Recommended Action
None.
Revision
1
Parameters
client_ip
2.47.45. bad_clienthello_msg (ID: 03700503)
Default Severity
Log Message
SSL Handshake: Bad ClientHello message. Closing down SSL
connection
connection
Explanation
The ClientHello message (which is the first part of a SSL handshake)
is invalid, and the SSL connection is closed.
is invalid, and the SSL connection is closed.
Gateway Action
ssl_close
Recommended Action
None.
Revision
1
2.47.43. disallow_clientkeyexchange
(ID: 03700501)
(ID: 03700501)
Chapter 2. Log Message Reference
464