User manual

ManualsBrandsDynamix ManualsComputer equipmentUM-SB

131

132

133

134

135

136

137

138

139

140

Dynamix UM-SB Series User Manual V0.06

137

DoS protection parameters can be configured in dos_protection menu.

Move the cursor to dos_protection and press enter.

syn_flood

Enable protection SYN flood attack

icmp_flood

Enable protection ICMP flood attack

udp_flood

Enable protection UDP flood attack

ping_death

Enable protection PING of death attack

land_attack

Enable protection land attack

ip_spoff

Enable protection IP spoofing attack

smurf_attack

Enable protection smurf attack

fraggle_attack

Enable protection fraggle attack

SYN flood: A SYN flood is a form of denial-of-service attack, attempts to slow your network by

requesting new connections but not completing the process to open the connection. Once the

buffer for these pending connections is full a server will not accept any more connections and will

be unresponsive.

ICMP flood: A sender transmits a volume of ICMP request packets to cause all CPU resources to

be consumed serving the phony requests.

UDP Flood: A UDP flood attack is a denial-of-service (DoS) attack using the User Datagram

Protocol(UDP). A sender transmits a volume of requests for UDP diagnostic services which cause

all CPU resources to be consumed serving the phony requests.

Ping of Death: A ping of death (POD) attack attempts to crash your system by sending a

fragmented packet, when reconstructed is larger than the maximum allowable size.

Land attack: A land attack is an attempt to slow your network down by sending a packet with

identical source and destination addresses originating from your network.

IP Spoofing: IP Spoofing is a method of masking the identity of an intrusion by making it appeared

that the traffic came from a different computer. This is used by intruders to keep their anonymity

and can be used in a Denial of Service attack.

Smurf attack: The Smurf attack is a way of generating a lot of computer network traffic to a victim

host. That is a type of denial-of-service attack. A Smurf attack involves two systems. The attacker

sends a packet containing a ICMP echo request (ping) to the network address of one system. This

system is known as the amplifier. The return address of the ping has been faked (spoofed) to

appear to come from a machine on another network (the victim). The victim is then flooded with

responses to the ping. As many responses are generated for only one attack, the attacker is able

use many amplifiers on the same victim.

Fraggle attack: A Fraggle attack is a type of denial-of-service attack where an attacker sends a

large amount of UDP echo traffic to IP broadcast addresses, all of it having a fake source address.

This is a simple rewrite of the smurf attack code.

DoS Protection

SYN flood

□

Disable

□

Enable

Packets per sec. 0~700

ICMP flood

□

Disable

□

Enable

Packets per sec. 0~700

UDP flood

□Disable □Enable

Packets per sec. 0~700

PING of death

□Disable □Enable