Table of Contents
Advertisement
I
I
I
-
1
-
3
D
I
I
I
-
1
-
3
D
As a sub-functionality of IP Filter/Firewall, there are 15 types of detect/ defense function in
the DoS Defense setup. The DoS Defense functionality is disabled for default.
I
I
I
-
1
-
3
-
1
D
I
I
I
-
1
-
3
-
1
D
Click Firewall and click Defense Setup to open the setup page.
Available settings are explained as follows:
Item
Enable Dos Defense
Enable SYN flood defense
Enable UDP flood defense
Vigor160 Series User's Guide
e
f
e
n
s
e
S
e
t
u
p
e
f
e
n
s
e
S
e
t
u
p
o
S
D
e
f
e
n
s
e
o
S
D
e
f
e
n
s
e
Description
Check the box to activate the DoS Defense Functionality.
Select All - Click this button to select all the items listed
below.
White/Black List Option – Set white/black list of IPv4/IPv6
address.
Check the box to activate the SYN flood defense function.
Once detecting the Threshold of the TCP SYN packets from
the Internet has exceeded the defined value, the Vigor
router will start to randomly discard the subsequent TCP
SYN packets for a period defined in Timeout. The goal for
this is prevent the TCP SYN packets' attempt to exhaust the
limited-resource of Vigor router.
By default, the threshold and timeout values are set to
2000 packets per second and 10 seconds, respectively. That
means, when 2000 packets per second received, they will
be regarded as "attack event" and the session will be
paused for 10 seconds.
Check the box to activate the UDP flood defense function.
115
- Quick Links:
- Accessing Web Page
Hide quick links:
Advertisement
Table of Contents
