CHAPTER 8 Firewall Configuration

DoS

TCP SynWithData: Prevents the hacker sending a volume of requests for connections that cannot be completed.

UDP Bomb: Also called a UDP Flood or packet storm. Prevents the hacker congesting the network by generating a flood of UDP packets between it and the unit using the UDP chargen service (a testing utility that generates a character string for every packet it receives).

UDP EchoChargen: Prevents the hacker from sending a UDP packet to the echo server with a source port set to the chargen port.

packets/second: Enter the number of packets per second that you want to scan for malicious activity.

Sensitivity: Specifies the sensivity of the TCP/UDP port scan

prevention. (Options: High, Low; Default: Low)

Select All — Selects all DoS prevention measures listed.

Clear — Clears all fields.

Enable Source IP Blocking — When multiple attacks are detected from each of the fields listed above, or the packet threshold has been exceeded - the IP address of the hacker is blocked.

Block Interval (second) — Sets the length of time the IP address should remain blocked.

– 100 –

Page 100
Image 100
SMC Networks SMC7901WBRA2 B1 manual 100