CONFIGURATION PARAMETERS

DoS Criteria and Port Scan Criteria

Set up DoS and port scan criteria in the spaces provided (as shown below).

Parameter

Defaults

Description

 

 

 

Total incomplete

300

Defines the rate of new unestablished sessions

TCP/UDP sessions

sessions

that will cause the software to start deleting

HIGH

 

half-open sessions.

Total incomplete

250

Defines the rate of new unestablished sessions

TCP/UDP sessions

sessions

that will cause the software to stop deleting half-

LOW

 

open sessions.

Incomplete

250

Maximum number of allowed incomplete

TCP/UDP sessions

sessions

TCP/UDP sessions per minute.

(per min) HIGH

 

 

Incomplete

200

Minimum number of allowed incomplete

TCP/UDP sessions

sessions

TCP/UDP sessions per minute.

(per min) LOW

 

 

Maximum incomplete

10

Maximum number of incomplete TCP/UDP

TCP/UDP sessions

 

sessions from the same host.

number from same

 

 

host

 

 

Incomplete 300 TCP/UDP sessions msec detect sensitive time period

Maximum half-open 30 fragmentation packet number from same host

Half-open 10000 fragmentation detect msec sensitive time period

Length of time before an incomplete TCP/UDP session is detected as incomplete.

Maximum number of half-open fragmentation packets from the same host.

Length of time before a half-open fragmentation session is detected as half-open.

Flooding cracker

300

Length of time from detecting a flood attack to

block time

second

blocking the attack.

 

 

 

Note: The firewall does not significantly affect system performance, so we advise enabling the prevention features, and leaving them at the default settings to protect your network.

4-65

Page 103 Page 105
Page 104
Image 104
SMC Networks SMC7904WBRA2 manual DoS Criteria and Port Scan Criteria, High
Page 103 Page 105
Top Page Image Contents