Manuals / TP-Link / Computer Equipment / Switch

TP-Link TL-SG3216 manual DoS Attack Type Description

Models: TL-SG3216

1 232

Download 232 pages 26.13 Kb

Page 161

DoS Attack Type	Description

Land Attack	The attacker sends a specific fake SYN packet to the destination Host.
	Since both the source IP address and the destination IP address of the SYN
	packet are set to be the IP address of the Host, the Host will be trapped in
	an endless circle for building the initial connection. The performance of the
	network will be reduced extremely.

Scan SYNFIN	The attacker sends the packet with its SYN field and the FIN field set to 1.
	The SYN field is used to request initial connection whereas the FIN field is
	used to request disconnection. Therefore, the packet of this type is illegal.
	The switch can defend this type of illegal packet.

Xmascan	The attacker sends the illegal packet with its TCP index, FIN, URG and
	PSH field set to 1.

NULL Scan Attack	The attacker sends the illegal packet with its TCP index and all the control
	fields set to 0. During the TCP connection and data transmission, the
	packets with all the control fields set to 0 are considered as the illegal
	packets.

SYN packet with its source port	The attacker sends the illegal packet with its TCP SYN field set to 1 and
less than 1024	source port less than 1024.

Blat Attack	The attacker sends the illegal packet with its source port and destination
	port on Layer 4 the same and its URG field set to 1. Similar to the Land
	Attack, the system performance of the attacked Host is reduced since the
	Host circularly attempts to build a connection with the attacker.

Ping Flooding	The attacker floods the destination system with Ping broadcast storm
	packets to forbid the system to respond to the legal communication.

SYN/SYN-ACK Flooding	The attacker uses a fake IP address to send TCP request packets to the
	Server. Upon receiving the request packets, the Server responds with
	SYN-ACK packets. Since the IP address is fake, no response will be
	returned. The Server will keep on sending SYN-ACK packets. If the attacker
	sends overflowing fake request packets, the network resource will be
	occupied maliciously and the requests of the legal clients will be denied.

Table 11-1 Defendable DoS Attack Types

On this page, you can enable the DoS Defend type appropriate to your need.

Choose the menu Network Security→DoS Defend→DoS Defend to load the following page.

154

Image 161

TP-Link TL-SG3216 manual DoS Attack Type Description

Contents

TL-SG3216/TL-SG3424 JetStream L2 Lite Managed Switch Copyright & Trademarks Contents Gvrp 100 VII NDP Package Contents Intended Readers About this GuideConventions Overview of This GuideSystem Switching Vlan Spanning Tree Multicast QoS ACL Network Security Snmp Cluster Return to Contents Introduction Overview of the SwitchMain Features ¾ LEDs Name Status Indication Appearance DescriptionFront Panel Rear Panel Configuration Login to the SwitchLogin Return to Contents System Info SystemSystem Summary ¾ Port StatusType PortRate Status¾ Device Description Device DescriptionSystem Time Get GMT Current SystemSynchronize With PC’S ClockSystem IP ¾ IP ConfigUser Table User ConfigUser Manage ¾ User Info User ID, Name, Access Level and status OperationUser Status ¾ User TableConfig Backup Config Restore¾ Config Restore System Tools¾ Config Backup Firmware UpgradeSystem Reboot Access SecuritySystem Reset Access Control¾ Session Config ¾ Access Control ConfigIP Address&Mask MAC Address¾ Access User Number SSL Config¾ Global Config SSH Config¾ Certificate Download ¾ Key DownloadMax Connect Idle TimeoutProtocol Key Type ¾ Configuration ProcedureDownload ¾ Network RequirementsApplication Example 2 for SSH Page Return to Contents Port Config SwitchingPort Port SelectDescription Port MirrorSpeed and Duplex Flow ControlGroup Mirror ModeMirroring Mode¾ Port Security Port SecurityLearned Num LAGMax Learned MAC Aggregate Arithmetic LAG Table¾ LAG Table Group NumberDetail Information Static LAGLAG will delete this LAG Lacp Config¾ LAG Config Admin Key ¾ Lacp ConfigSystem Priority Port Priority¾ Auto Refresh Traffic MonitorTraffic Summary Traffic Statistics MAC Address Bound MAC address Address TableWay Port¾ Address Table ¾ Search OptionStatic Address MAC Address Displays the MAC address learned by the switchDisplays the corresponding Vlan ID of the MAC address ¾ Create Static Address¾ Static Address Table Dynamic Address¾ Dynamic Address Table ¾ Aging ConfigBind Filtering Address¾ Filtering Address Table ¾ Create Filtering AddressVlan ¾ Link Types of ports 802.1Q Vlan¾ Pvid ¾ Vlan Table Vlan ConfigVlan ID Select Description ：Enter the ID number of Vlan ¾ Vlan ConfigIs valid or not ¾ Vlan MembersPort Displays the port number ¾ Vlan Port ConfigRequired. On the VLAN→802.1Q VLAN→VLAN Config Required. On the VLAN→802.1Q VLAN→Port Config page, set¾ Vlan of Port Vlan DescriptionMAC Vlan VLAN→VLAN Config¾ MAC Vlan Table Protocol VlanMAC Select Step Operation Description¾ Encapsulation Format of Ethernet Data ¾ The Procedure for the Switch to Identify Packet ProtocolEncapsulation ¾ The Implementation of Protocol Vlan802.3 raw 802.2 LLC Snap Protocol Vlan packets are processed in the following way¾ Protocol Group Table Protocol Group TableProtocol Group ¾ Protocol Group Member ¾ Protocol Group ConfigProtocol Template Application Example for 802.1Q Vlan Required. On VLAN→802.1Q VLAN→VLAN Config page, create a ¾ Network Diagram ¾ Configuration ProcedureRequired. On VLAN→802.1Q VLAN→Port Config page, configure Application Example for MAC Vlan Application Example for Protocol Vlan ¾ Network DiagramRequired. On VLAN→Protocol VLAN→Protocol Template On VLAN→Protocol VLAN→Protocol Group page, create protocol Gvrp¾ Gvrp Select Port Status Registration Mode ¾ Port ConfigConfiguration Procedure ¾ STP Elements Spanning Tree¾ STP Generation ¾ STP Timers¾ Bpdu Comparing Principle in STP mode Tips ： Step Operation¾ Mstp Elements ¾ Rstp Elements¾ Port Roles ¾ Port StatesSTP Config STP ConfigVersion Forward DelayHello Time Max AgeSTP Summary Port ConfigExtPath PriorityIntPath Edge PortPort Status Region ConfigMstp Instance ¾ Region Config Instance Config¾ Instance Table Instance Port ConfigInstance ClearPort Role Instance IDPath Cost Port Protect STP Security¾ Bpdu Filter ¾ TC Protect¾ Bpdu Protect Root Protect Loop ProtectTC Protect Bpdu ProtectTC Protect Application Example for STP FunctionOn Spanning Tree→MSTP Instance→Instance On Spanning Tree→STP Config→STP ConfigOn Spanning Tree→STP Config→Port Config Configure Switch D ¾ Suggestion for Configuration ¾ Multicast Address Multicast¾ Multicast Overview Multicast IP Port ¾ Multicast Address Table¾ Igmp Snooping Igmp Snooping¾ Igmp Snooping Process ¾ Igmp Messages¾ Igmp Snooping Fundamentals Snooping ConfigDescription Displays Igmp Snooping status Member ¾ Igmp Snooping StatusFast Leave Igmp SnoopingMember Port Time Router Port TimeLeave Time Static Router PortMulticast→IGMP Snooping→VLAN Config Snooping→Snooping Config and Port ConfigMulticast Vlan Displays the Vlan ID¾ Multicast Vlan Multicast→IGMP Snooping→Multicast Vlan On the Multicast→IGMP Snooping→Snooping ConfigVlan Snooping→Port Config ¾ Configuration Procedure Step Operation DescriptionSnooping→Snooping Config Multicast IPStatic Multicast IP Multicast IP Table¾ Static Multicast IP Table Multicast Filter¾ Create Static Multicast IP Range ID IP-RangeStart Multicast IP End Multicast IPAction Mode ¾ Port Filter ConfigPort Filter FilterPorts taking up too much bandwidth Packet StatisticsDisplays the LAG number which the port belongs to Multicast→Multicast Filter→IP-Range¾ Igmp Statistics ¾ QoS ¾ Priority ModeQoS 802.1Q frame ¾ Schedule ModeSP-Mode Port Priority ¾ Port Priority ConfigDiffServ Required. On QoS→DiffServ→Schedule Mode Schedule Mode¾ Schedule Mode Config Required. On QoS→DiffServ→Port Priority¾ Priority Level 3 802.1P PriorityDscp Priority Required. On QoS→DiffServ→DSCP Priority ¾ Dscp Priority ConfigRate Limit ¾ Rate Limit ConfigBandwidth Control Storm Control ¾ Storm Control ConfigBroadcast Rate Voice VlanBps Mulitcast RateTAG ¾ Security Mode of Voice VlanEnter the Vlan ID of the voice Vlan Global ConfigSecurity Packet Type Processing Mode Select the desired port for voice Vlan configuration. It is OUI Config Displays the OUI address of the voice device Configuration Procedure of Voice VlanTime-Range ACLTime-Range Summary IndexTime-Range Create Holiday Config ACL Config¾ Create Holiday ¾ Holiday TableACL Create ACL Summary¾ Rule Table ¾ Create ACL¾ Create MAC ACL MAC ACLRule ID EtherTypeExtend-IP ACL Standard-IP ACL¾ Create Standard-IP ACL Time-RangeTCP Flag ： ¾ Create Extend-IP ACLIP Protocol Policy Summary Policy ConfigAction Create Policy Create¾ Create Policy ¾ Create ActionBinding Table Policy BindingDirection Displays the binding direction Port BindingVlan Binding Application Example for ACL ¾ VLAN-Bind ConfigEnter the ID of the Vlan you want to bind ¾ VLAN-Bind TableOn ACL→ACL Config→ACL Create page, create ACL On ACL→ACL Config→Standard-IP ACL page, select ACL IP-MAC Binding Network SecurityManual Binding Enter the Vlan ID ¾ Manual Binding OptionProtect Type Select the Protect Type for the entry ¾ Manual Binding TableARP Scanning Start IP Address Dhcp SnoopingEnd IP Address Scan¾ Dhcp Working Principle Network diagram for DHCP-snooping implementation¾ Option ¾ Dhcp Cheating Attack Dhcp Cheating Attack Implementation Procedure¾ Dhcp Snooping Config Customization Circuit ID Remote ID ¾ Option 82 Config¾ Port Config Port Select ¾ Cheating Gateway ARP Inspection¾ Imitating Gateway ¾ Cheating Terminal Hosts 10 ARP Attack Cheating Gateway¾ Man-In-The-Middle Attack ¾ ARP Flooding Attack ¾ Trusted Port ARP Detect¾ ARP Detect Network Security→ARP ARP DefendRequired. On the Network Security→IP-MAC ¾ ARP Defend ARP StatisticsDefend Speed¾ Illegal ARP Packet DoS DefendDoS Attack Type Description ¾ Architecture of 802.1X Authentication ¾ Configure11.4 ¾ Defend Table¾ The Mechanism of an 802.1X Authentication System ¾ 802.1X Authentication Procedure ¾ 802.1X Timer ¾ Guest Vlan 802.1X Authentication MethodGuest Vlan Guest Vlan IDRetry Times Supplicant TimeoutServer Timeout Radius Server Control ModeControl Type AuthorizedRequired. On the Network Security→802.1X→Port On the Network Security→802.1X→Global ConfigRequired. On the Network Security→802.1X→Radius ¾ Snmp Overview Snmp¾ Snmp Management Frame ¾ Snmp Versions¾ MIB Introduction ¾ Snmp Configuration Outline¾ Remote Engine Snmp Config¾ Local Engine MIB Object ID Snmp ViewView Type View NameSnmp Group ¾ Group Config¾ Group Table Snmp UserAuth Password Auth ModePrivacy Mode Privacy PasswordSnmp Community ¾ Community ConfigAccess Required. On the SNMP→SNMP Config→SNMP Required. On the SNMP→SNMP Config→GlobalMIB View ¾ Community TableNotification On the SNMP→SNMP Config→SNMPUDP Port TimeoutUser RetryRmon Group Function Rmon¾ Rmon Group ¾ History Control Table Event ConfigHistory Control ¾ Event Table Alarm ConfigSample Type VariableRising Threshold Rising Event179 ¾ Cluster Role Cluster¾ Introduction to Cluster 13.1 NDPNeighbor Info ¾ Neighbor Info NDP Summary¾ Neighbor NDP ¾ Port Status Displays the port number of the switchEnable NDP ConfigDisable ¾ Global CofigDevice Table NtdpDevice MAC Cluster NameHops Ntdp SummaryNeighbor Info Collect TopologyPort Displays the port number of the switch Ntdp ConfigNtdp Port Delay Ntdp Hop DelayNtdp Interval Time Ntdp HopsCluster Summary Cluster¾ Global Cluster¾ Global Config Cluster Cluster Config¾ Role Change ¾ Current RoleApplication Example for Cluster Function On Cluster→NTDP→NTDP Config page, enable On Cluster→NDP→NDP Config page, enable NDP194 CPU Monitor MaintenanceSystem Monitor Memory Monitor 14.2 Log Local Log Log TableRemote Log ¾ Local Log ConfigLog Buffer Log FileHost IP Backup Log¾ Log Host Device Diagnose ErrorCable Test PairNetwork Diagnose Switch is availableLoopback PingTracert ¾ Ping Config10 Tracert Following entries are displayed on this screen ¾ Tracert ConfigAppendix a Specifications Appendix B Configuring the PCs 207 Now Configure the Hyper Terminal Appendix C Load Software using FTPHardware Installation 210 Figure C-5 Port Settings Download Firmware via bootUtil menuAre you want to upgrade the firmwareY/N y TP-LINK upgrade You can only use the port 1 to upgradeUser TP-LINK start StartAppendix D 802.1X Client Software Installation Guide215 216 Figure D-7 InstallShield Wizard Complete Uninstall SoftwareFigure D-11 Uninstall Complete Configuration219 Figure D-16 Connection Status FAQ221 Appendix E Glossary Group Attribute Registration Protocol Garp Multicast SwitchingIeee 802.1D Ieee 802.1QRemote Authentication Dial-in User Service Radius Port AuthenticationLink Aggregation Link Aggregation Control Protocol LacpSimple Network Time Protocol Sntp Simple Network Management Protocol SnmpSpanning Tree Algorithm STA Telnet