DoS Prevention. Advantech EKI-7428G-4CA, EKI-7428G-4CI, EKI-7428G-4CPI, EKI-7428G-4X, EKI-7428G-4XP
Add to My manuals159 Pages
advertisement
![DoS Prevention. Advantech EKI-7428G-4CA, EKI-7428G-4CI, EKI-7428G-4CPI, EKI-7428G-4X, EKI-7428G-4XP | Manualzz DoS Prevention. Advantech EKI-7428G-4CA, EKI-7428G-4CI, EKI-7428G-4CPI, EKI-7428G-4X, EKI-7428G-4XP | Manualzz](http://s3.manualzz.com/store/data/064997248_1-1aeef578cc8859af5e90e0e908f5a383-360x466.png)
4.7.4
DoS Prevention
The DoS Prevention page allows you to setup (enabled or disabled) the denial of service.
4.7.4.1
DoS Global Settings
The DoS Global Settings page allows you to configure (enabled or disabled) the setting for each function.
To access this page, click Security > DoS Prevention > DoS Global Settings .
Figure 4.68 Security > DoS Prevention > DoS Global Settings
The following table describes the items in the previous figure.
Item
DMAC = SMAC
LAND
Description
Click Enabled or Disabled to define DMAC-SMAC for the DoS Global settings.
Click Enabled or Disabled to define LAND for the DoS Global settings.
75 EKI-7428 Series User Manual
Item Description
UDP Blat
TCP Blat
Click Enabled or Disabled to define UDP Blat for the DoS Global settings.
Click Enabled or Disabled to define TCP Blat for the DoS Global settings.
POD Click Enabled or Disabled to define POD for the DoS Global settings.
IPv6 Min Fragment Click Enabled or Disabled to define minimum fragment size for the
IPv6 protocol.
Enter the variable in bytes (0 to 65535) to set the minimum fragment size when the function is enabled.
ICMP Fragments Click Enabled or Disabled to define the ICMP Fragments function.
IPv4 Ping Max Size Click Enabled or Disabled to set the maximum ping size for the IPv4 protocol.
IPv6 Ping Max Size Click Enabled or Disabled to set a maximum ping size for the IPv6 protocol.
Ping Max Size
Setting
Enter the variable in bytes (0 to 65535) to set the maximum ping size.
Smurf Attack
TCP Min Hdr Size
Click Enabled or Disabled to set the Smurf Attack function.
Click Enabled or Disabled to set the minimum header size.
Enter the variable in bytes (0 to 31) to set the minimum header size.
TCP-SYN
(SPORT < 1024)
Null Scan Attack
Click Enabled or Disabled to set the TCP synchronization function
(sport < 1021).
Click Enabled or Disabled to set the Null Scan Attack function.
X-Mas Scan Attack Click Enabled or Disabled to set the X-Mas Scan function.
TCP SYN-FIN Attack Click Enabled or Disabled to set the TCP synchronization termination attack function.
TCP SYN-RST
Attack
TCP Fragment
(Offset = 1)
Apply
Click Enabled or Disabled to set the TCP synchronization reset attack function.
Click Enabled or Disabled to set the TCP fragment function (offset
=1).
Click Apply to save the values and update the screen.
The ensuing table for DoS Global Information settings are informational only:
DMAC = SMAC, Land Attack, UDP Blat, TCP Blat, POD (Ping of Death), IPv6 Min
Fragment Size, ICMP Fragment Packets, IPv4 Ping Max Packet Size, IPv6 Ping Max
Packet Size, Smurf Attack, TCP Min Header Length, TCP Syn (SPORT < 1024), Null
Scan Attack, X-Mas Scan Attack, TCP SYN-FIN Attack, TCP SYN-RST Attack and
TCP Fragment (Offset = 1).
4.7.4.2
DoS Port Settings
The DoS Port Settings page allow you to configure DoS security (enabled or disabled) for the selected port.
To access this page, click Security > DoS Prevention > DoS Port Settings .
Figure 4.69 Security > DoS Prevention > DoS Port Settings
EKI-7428 Series User Manual 76
advertisement
Related manuals
advertisement
Table of contents
- 15 Specifications
- 16 Hardware Views
- 16 Front View
- 18 Rear View
- 19 Dimensions
- 21 Warnings
- 23 Installation Guidelines
- 23 Environment and Enclosure Guidelines
- 23 Connecting Hardware
- 24 Verifying Switch Operation
- 24 Installing the Switch
- 24 Rack-Mounting
- 25 Installing and Removing SFP Modules
- 25 Installing SFP Modules
- 27 Removing SFP Modules
- 28 Connecting the Switch to Ethernet Ports
- 28 RJ45 Ethernet Cable Wiring
- 29 Connecting the Switch to Console Port
- 30 Power Supply Installation
- 30 Overview
- 31 Considerations
- 31 Grounding the Device
- 32 Wiring a Relay Contact
- 33 Wiring the Power Inputs
- 34 Reset Button
- 36 First Time Setup
- 36 Overview
- 36 Introduction
- 36 Administrative Interface Access
- 39 Command Line Interface Configuration
- 39 Introduction to Command-Line Interface (CLI)
- 39 Accessing the CLI
- 40 Web Browser Configuration
- 40 Preparing for Web Configuration
- 40 System Login
- 42 Log In
- 42 Recommended Practices
- 42 Changing Default Password
- 43 Monitoring
- 43 Device Information
- 44 Logging Message
- 45 Port Monitoring
- 46 Link Aggregation
- 46 LLDP Statistics
- 47 IGMP Statistics
- 48 System
- 48 IP Settings
- 49 DHCP Client Option
- 50 DHCP Auto Provision
- 50 IPv6 Settings
- 51 Management VLAN
- 51 System Time
- 53 L2 Switching
- 53 Port Configuration
- 54 Port Mirror
- 55 Link Aggregation
- 58 802.1Q VLAN
- 61 Q-in-Q
- 64 802.3az EEE
- 66 Multicast
- 70 Jumbo Frame
- 71 4.5.10 Spanning Tree
- 76 4.5.11 X-Ring Elite
- 77 4.5.12 X-Ring Pro
- 79 4.5.13 Loopback Detection
- 80 4.5.14 CFM
- 81 4.5.15 ERPS
- 83 MAC Address Table
- 83 Static MAC
- 83 MAC Aging Time
- 84 Dynamic Forwarding Table
- 85 Security
- 85 Storm Control
- 87 Port Security
- 87 Protected Ports
- 88 DoS Prevention
- 90 Applications
- 92 802.1x
- 93 IP Security
- 95 Access Control List
- 97 IP Source Guard
- 98 4.7.10 DHCP Snooping
- 99 4.7.11 ARP Spoofing
- 100 General
- 105 QoS Basic Mode
- 106 Rate Limit
- 108 Bandwidth Guarantee
- 109 Management
- 114 Power Over Ethernet
- 116 TCP Modbus
- 116 DHCP Server
- 121 SMTP Client
- 126 Diagnostics
- 126 4.10.1 Cable Diagnostics
- 127 4.10.2 Ping Test
- 128 4.10.3 IPv6 Ping Test
- 129 4.10.4 System Log
- 131 4.10.5 DDM
- 132 Tools
- 137 Modbus/TCP Mapping
- 157 Troubleshooting