DoS sensors
Understanding the anomalies
FortiGate IPS User Guide Version 3.0 MR7
01-30007-0080-20080916
49
tcp_dst_session
If the number of concurrent TCP connections to one destination IP
address exceeds the configured threshold value, the action is
executed.
udp_flood
If the UDP traffic to one destination IP address exceeds the
configured threshold value, the action is executed. The threshold is
expressed in packets per second.
udp_scan
If the number of UDP sessions originating from one source IP
address exceeds the configured threshold value, the action is
executed. The threshold is expressed in packets per second.
udp_src_session
If the number of concurrent UDP connections from one source IP
address exceeds the configured threshold value, the action is
executed.
udp_dst_session
If the number of concurrent UDP connections to one destination IP
address exceeds the configured threshold value, the action is
executed.
icmp_flood
If the number of ICMP packets sent to one destination IP address
exceeds the configured threshold value, the action is executed.
The threshold is expressed in packets per second.
icmp_sweep
If the number of ICMP packets originating from one source IP
address exceeds the configured threshold value, the action is
executed. The threshold is expressed in packets per second.
icmp_src_session
If the number of concurrent ICMP connections from one source IP
address exceeds the configured threshold value, the action is
executed.
icmp_dst_session
If the number of concurrent ICMP connections to one destination
IP address exceeds the configured threshold value, the action is
executed.
Anomaly
Description
Содержание FortiGate 3.0 MR7
Страница 1: ...www fortinet com FortiGate IPS User Guide Version 3 0 MR7 U S E R G U I D E...
Страница 50: ...FortiGate IPS User Guide Version 3 0 MR7 50 01 30007 0080 20080916 Understanding the anomalies DoS sensors...
Страница 60: ...FortiGate Version 3 0 MR7 IPS User Guide 60 01 30007 0080 20080916 Index T technical support 8...
Страница 61: ...www fortinet com...
Страница 62: ...www fortinet com...