Chapter 24: Denial of Service (DoS) Commands
372
Note
This defense mechanism requires some involvement by the switch’s
CPU, though not as much as the Teardrop defense. This will not
impact the forwarding of traffic between the switch ports, but it can
affect the handling of CPU events, such as the processing of IGMP
packets and spanning tree BPDUs. For this reason, Allied Telesyn
recommends strictly limiting the use of this defense, activating it
only on those ports where an attack is most likely to originate.
Examples
The following command activates the defense on ports 1 and 5:
set dos pingofdeath port=1,5 state=enable