beautypg.com

13 dos-control tcpfinurgpsh, 14 dos-control tcpsyn – Fortinet 548B User Manual

Page 308

background image

- 308 -

Default Setting

Disabled

Command Mode

Global Config

7.13.2.13 dos-control tcpfinurgpsh

This command enables the TCP FIN and URG and PSH and SEQ=0 checking Denial of Service
protections. If the mode is enabled, Denial of Service prevention is active for this type of attack. If
packets ingress having TCP FIN, URG, and PSH all set and TCP Sequence Number set to 0, the
packets will be dropped if the mode is enabled.

Syntax

dos-control tcpfinurgpsh
no dos-control tcpfinurgpsh

no - This command disables the TCP FIN and URG and PSH and SEQ=0 checking Denial of
Service protections.

Default Setting

Disabled

Command Mode

Global Config

7.13.2.14 dos-control tcpsyn

This command enables the TCP SYN and L4 source = 0-1023 Denial of Service protection. If the mode
is enabled, Denial of Service prevention is active for this type of attack. If packets ingress having TCP
flag SYN set and an L4 source port from 0 to 1023, the packets will be dropped if the mode is enabled.

Syntax

dos-control tcpsyn
no dos-control tcpsyn

no - This command disables the TCP SYN and L4 source = 0-1023 Denial of Service protection.

Default Setting

Disabled

See also other documents in the category Fortinet Computer Accessories: