Web Management Guide-R02
Table Of Contents
- How to Use This Guide
- Contents
- Figures
- Tables
- Getting Started
- Web Configuration
- Using the Web Interface
- Basic Management Tasks
- Displaying System Information
- Displaying Hardware/Software Versions
- Configuring Support for Jumbo Frames
- Displaying Bridge Extension Capabilities
- Managing System Files
- Setting the System Clock
- Configuring the Console Port
- Configuring Telnet Settings
- Displaying CPU Utilization
- Configuring CPU Guard
- Displaying Memory Utilization
- Resetting the System
- Interface Configuration
- VLAN Configuration
- Address Table Settings
- Spanning Tree Algorithm
- Congestion Control
- Class of Service
- Quality of Service
- VoIP Traffic Configuration
- Security Measures
- AAA (Authentication, Authorization and Accounting)
- Configuring User Accounts
- Web Authentication
- Network Access (MAC Address Authentication)
- Configuring HTTPS
- Configuring the Secure Shell
- Access Control Lists
- Filtering IP Addresses for Management Access
- Configuring Port Security
- Configuring 802.1X Port Authentication
- DoS Protection
- DHCP Snooping
- DHCPv6 Snooping
- ND Snooping
- IPv4 Source Guard
- IPv6 Source Guard
- ARP Inspection
- Application Filter
- Basic Administration Protocols
- Configuring Event Logging
- Link Layer Discovery Protocol
- Simple Network Management Protocol
- Configuring Global Settings for SNMP
- Setting Community Access Strings
- Setting the Local Engine ID
- Specifying a Remote Engine ID
- Setting SNMPv3 Views
- Configuring SNMPv3 Groups
- Configuring Local SNMPv3 Users
- Configuring Remote SNMPv3 Users
- Specifying Trap Managers
- Creating SNMP Notification Logs
- Showing SNMP Statistics
- Remote Monitoring
- Setting a Time Range
- Ethernet Ring Protection Switching
- MLAG Configuration
- OAM Configuration
- LBD Configuration
- Multicast Filtering
- Overview
- Layer 2 IGMP (Snooping and Query for IPv4)
- Configuring IGMP Snooping and Query Parameters
- Specifying Static Interfaces for a Multicast Router
- Assigning Interfaces to Multicast Services
- Setting IGMP Snooping Status per Interface
- Filtering IGMP Packets on an Interface
- Displaying Multicast Groups Discovered by IGMP Snooping
- Displaying IGMP Snooping Statistics
- Filtering and Throttling IGMP Groups
- MLD Snooping (Snooping and Query for IPv6)
- Configuring MLD Snooping and Query Parameters
- Setting Immediate Leave Status for MLD Snooping per Interface
- Specifying Static Interfaces for an IPv6 Multicast Router
- Assigning Interfaces to IPv6 Multicast Services
- Filtering MLD Query Packets on an Interface
- Showing MLD Snooping Groups and Source List
- Displaying MLD Snooping Statistics
- Filtering and Throttling MLD Groups
- Multicast VLAN Registration for IPv4
- IP Tools
- IP Configuration
- General IP Routing
- IP Services
- Appendices
Chapter 12
| Security Measures
DoS Protection
– 361 –
returns ACK packets. These half-open connections will bind resources on the
target, and no new connections can be made, resulting in a denial of service.
(Default: Disabled)
◆ TCP Flooding Attack Rate – Maximum allowed rate. (Range: 64-2000 kbits/
second; Default: 1000 kbits/second)
◆ TCP Null Scan – A TCP NULL scan message is used to identify listening TCP
ports. The scan uses a series of strangely configured TCP packets which contain
a sequence number of 0 and no flags. If the target's TCP port is closed, the
target replies with a TCP RST (reset) packet. If the target TCP port is open, it
simply discards the TCP NULL scan. (Default: Enabled)
◆ TCP-SYN/FIN Scan – A TCP SYN/FIN scan message is used to identify listening
TCP ports. The scan uses a series of strangely configured TCP packets which
contain SYN (synchronize) and FIN (finish) flags. If the target's TCP port is
closed, the target replies with a TCP RST (reset) packet. If the target TCP port is
open, it simply discards the TCP SYN FIN scan. (Default: Enabled)
◆ TCP Xmas Scan – A so-called TCP XMAS scan message is used to identify
listening TCP ports. This scan uses a series of strangely configured TCP packets
which contain a sequence number of 0 and the URG, PSH and FIN flags. If the
target's TCP port is closed, the target replies with a TCP RST packet. If the target
TCP port is open, it simply discards the TCP XMAS scan. (Default: Enabled)
◆ TCP/UDP Packets with Port 0 – Protects against DoS attacks in which the TCP
or UDP source port or destination port is set to zero. This technique may be
used as a form of DoS attack, or it may just indicate a problem with the source
device. When this command is enabled, the switch will drop these packets.
(Default: Enabled)
◆ UDP Flooding Attack – Attacks in which a perpetrator sends a large number of
UDP packets (with or without a spoofed-Source IP) to random ports on a
remote host. The target will determine that application is listening at that port,
and reply with an ICMP Destination Unreachable packet. It will be forced to
send many ICMP packets, eventually leading it to be unreachable by other
clients. (Default: Disabled)
◆ UDP Flooding Attack Rate – Maximum allowed rate. (Range: 64-2000 kbits/
second; Default: 1000 kbits/second)
◆ WinNuke Attack – Attacks in which affected the Microsoft Windows 3.1x/95/
NT operating systems. In this type of attack, the perpetrator sends the string of
OOB out-of-band (OOB) packets contained a TCP URG flag to the target
computer on TCP port 139 (NetBIOS), casing it to lock up and display a “Blue
Screen of Death.” This did not cause any damage to, or change data on, the
computer’s hard disk, but any unsaved data would be lost. Microsoft made
patches to prevent the WinNuke attack, but the OOB packets.
(Default: Disabled)