Netgear GS724TS-100NAS 사용자 설명서
Chapter 2: Configuring System Information
|
41
GS716Tv2 and GS724Tv3 Software Administration Manual
Click Refresh to refresh the page with the most current data from the switch.
Denial of Service
Use the Denial of Service (DoS) page to configure DoS control. The switch software provides
support for classifying and blocking specific types of DoS attacks. You can configure your
system to monitor and block six types of attacks:
support for classifying and blocking specific types of DoS attacks. You can configure your
system to monitor and block six types of attacks:
•
SIP=DIP: Source IP address = Destination IP address.
•
First Fragment: TCP Header size is smaller than the configured value.
•
TCP Fragment: IP Fragment Offset = 1.
•
TCP Flag: TCP Flag SYN set and Source Port < 1024 or TCP Control Flags = 0 and TCP
Sequence Number = 0 or TCP Flags FIN, URG, and PSH set and TCP Sequence
Number
Number
=
0 or TCP Flags SYN and FIN set.
•
L4 Port: Source TCP/UDP Port = Destination TCP/UDP Port.
•
ICMP: Limiting the size of ICMP Ping packets.
Auto-DoS Configuration
The Auto-DoS Configuration page lets you automatically enable all the DoS features
available on the switch, except for the L4 Port attack. See the previous section for information
about the types of DoS attacks the switch can monitor and block.
available on the switch, except for the L4 Port attack. See the previous section for information
about the types of DoS attacks the switch can monitor and block.
Note:
When Auto-DoS is enabled, a port that is under attack is
automatically shut down and does not forward traffic
To access the Auto-DoS Configuration page, click System
Management Denial of
Service > Auto-DoS Configuration.