Netgear M7300-24XF (XSM7224S) - ProSAFE 24-port, 10 Gigabit Stackable L2+ Managed Switch User Manual
390
|
Chapter : Managing Device Security
ProSafe® XSM7224S 10G Managed Stackable Switch Software Administration Manual
Denial of Service
To display the Denial of Service page, click Security
Access > Denial of Service
.
1.
Use Denial of Service Min TCP Header Size to specify the Min TCP Hdr Size allowed. If
DoS TCP Fragment is enabled, the switch will drop these packets:
•
First TCP fragments that has a TCP payload
- IP_Payload_Length - IP_Header_Size
< Min_TCP_Header_Size.
The factory default is disabled.
2.
Use Denial of Service L4 Port to enable L4 Port DoS prevention causing the switch to drop
packets having source TCP/UDP port number equal to destination TCP/UDP port number.
The factory default is disabled.
3.
Use Denial of Service First Fragment to enable First Fragment DoS prevention causing
the switch to check DoS options on first fragment IP packets when switch are receiving
fragmented IP packets. Otherwise, switch ignores the first fragment IP packages. The
factory default is disabled.
4.
Use Denial of Service ICMP to enable ICMP DoS prevention causing the switch to drop
ICMP packets that have a type set to ECHO_REQ (ping) and a size greater than the
configured ICMP Pkt Size. The factory default is disabled.
5.
Use Denial of Service Max ICMP Packet Size to specify the Max ICMP Packet Size
allowed (This includes the ICMP header size of 8 bytes). If ICMP DoS prevention is enabled,