DGS-1250 Series Gigabit Ethernet Smart Managed Switch Web UI Reference Guide
219
The additional fields that can be configured in
Storm Control Port Settings
are described below:
Parameter
Description
Level Rise
Enter the rise level value used here. This option specifies the rise threshold value
as a percentage of the total bandwidth per port at which traffic is received on the
port. This value must be between 0% and 100%.
Level Low
Enter the low level value used here. This option specifies the low threshold value
as a percentage of the total bandwidth per port at which traffic is received on the
port. This value must be between 0% and 100%. If the low level is not specified,
the default value is 80% of the specified risen level.
Click the
Apply
button to accept the changes made.
DoS Attack Prevention Settings
This window is used to display and configure the Denial-of-Service (DoS) attack prevention settings. The following
well-known DoS types that can be detected by most Switches:
•
Land Attack:
This type of attack involves IP packets where the source and destination address are set to the
address of the target device. It may cause the target device to reply to itself continuously.
•
Blat Attack
: This type of attack will send packets with the TCP/UDP source port equal to the destination port of
the target device. It may cause the target device to respond to itself.
•
TCP-Null:
This type of attack involves port scanning by using specific packets that contain a sequence number
of 0 and no flags.
•
TCP-Xmas:
This type of attack involves port scanning by using specific packets that contain a sequence
number of 0 and the Urgent (URG), Push (PSH), and FIN flags.
•
TCP SYN-FIN:
This type of attack involves port scanning by using specific packets that contain SYN and FIN
flags.
•
TCP SYN SrcPort Less 1024:
This type of attack involves port scanning by using specific packets that contain
source port 0 to 1023 and SYN flag.
•
Ping of Death Attack:
A ping of death is a type of attack on a computer that involves sending a malformed or
otherwise a malicious ping to a computer. A ping is normally 64 bytes in size (many computers cannot handle a
ping larger than the maximum IP packet size which is 65535 bytes). The sending of a ping of this size can crash
the target computer. Traditionally, this bug has been relatively easy to exploit. Generally, sending a 65536 byte
ping packet is illegal according to networking protocol, but a packet of such a size can be sent if it is
fragmented; when the target computer reassembles the packet, a buffer overflow can occur, which often causes
a system crash.
•
TCP Tiny Fragment Attack:
The Tiny TCP Fragment attacker uses IP fragmentation to create extremely small
fragments and force the TCP header information into a separate packet fragment to pass through the check
function of the router and issue an attack.
•
Smurf Attack:
Smurf is a Distributed Denial of Service (DDoS) attack that enables and executes the
DDoS.Smurf malware. Smurf attacks are in a way similar to ping floods, as both are carried out by sending a lot
of ICMP Echo request packets. Smurf, however, is an amplification attack vector that boosts its damage
potential by exploiting the characteristics of broadcast networks.
•
TCP Flag SYN RST
- The TCP SYN/RESET flood is a DDoS attack that exploits part of the normal TCP three-
way handshake to consume more resources on targeted nodes to render them unresponsive. TCP connection
requests are sent faster than the targeted machine can process, resulting in network traffic saturation.
•
All Types:
All of above types.
Содержание DGS-1250 Series
Страница 1: ......