54 CHAPTER 5: ROUTER CONFIGURATION
DoS Detect Criteria
15 In the Total incomplete TCP/UDP sessions HIGH text box, enter the
number of unestablished sessions that will cause the software to start
deleting half-open sessions. The defaiult is 300.
16 In the Total incomplete TCP/UDP sessions LOW text box, enter the
number of unestablished sessions that must be reached before the
software stops deleting half-open sessions. The default is 250.
17 In the Incomplete TCP/UDP sessions (per min) HIGH text box, enter the
maximum number of incomplete TCP/UDP sessions allowed per minute.
The default is 250 sessions.
18 In the Incomplete TCP/UDP sessions (per min) LOW text box, enter the
minimum number of incomplete TCP/UDP sessions allowed per minute.
The default is 200 sessions.
19 In the Maximum incomplete TCP/UDP sessions number from the same
host text box, enter the maximum number of incomplete sessions
allowed from the same host. The default is 10 sessions.
20 In the Incomplete TCP/UDP sessions detect sensitive time period text box,
enter the length of time that msut elapse before an incomplete TCP/UDP
session is detected as incomplete. The default is 300 msec.
21 In the Maximum half-open fragmentation packet number from the same
host text box, enter the maximum number of half-open fragmentation
packets allowed from the same host. The default is 30 packets.
22 In the Half-open fragmentation detect sensitive time period text box,
enter the length of time that must elapse before a half-open
fragmentation session is detected as half-open. The default is 10000
msec.
23 In the Flooding cracker block time text box, enter the length of time that
must elapse between detection of a flood attack and blocking the attack.
The default is 300 seconds.
24 Click Apply to save the settings.
Special Applications Special Applications let you choose specific ports, and for these ports to
choose the specific applications that you want to work with the Network
Address Translation (NAT) feature of the Router. You can either choose
from a list of applications, or configure another application using
information supplied by the application vendor.