User's Manual
Security
Denial of Service Prevention
Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version)  365
18
• Current Status—Interface status. The possible values are:
- Normal—No attack was identified on this interface.
- Blocked—Traffic is not forwarded on this interface.
- Attacked—Attack was identified on this interface.
• Last Attack—Date of last SYN-FIN attack identified by the system and the 
system action (Reported or Blocked and Reported).
Martian Addresses
The Martian Addresses page enables entering IP addresses that indicate an 
attack if they are seen on the network. Packets from these addresses are 
discarded.
The device supports a set of reserved Martian addresses that are illegal from the 
point of view of the IP protocol. The supported reserved Martian addresses are:
• Addresses defined to be illegal in the Martian Addresses page. 
• Addresses that are illegal from the point of view of the protocol, such as 
loopback addresses, including addresses within the following ranges: 
- 0.0.0.0/8 (Except 0.0.0.0/32 as a Source Address)—Addresses in 
this block refer to source hosts on this network.
- 127.0.0.0/8—Used as the Internet host loopback address.
- 192.0.2.0/24—Used as the TEST-NET in documentation and example 
codes.
- 224.0.0.0/4 (As a Source IP Address)—Used in IPv4 Multicast address 
assignments, and was formerly known as Class D Address Space.
- 240.0.0.0/4 (Except 255.255.255.255/32 as a Destination 
Address)—Reserved address range, and was formerly known as Class 
E Address Space.
You can also add new Martian Addresses for DoS prevention. Packets that have a 
Martian addresses are discarded.
To define Martian addresses: 
STEP 1 Click Security > Denial of Service Prevention > Martian Addresses.
STEP  2 Select Reserved Martian Addresses and click Apply to include the reserved 
Martian Addresses in the System Level Prevention list.










