beautypg.com

15 dos-control tcpsynfin, 16 dos-control tcpoffset – Fortinet 548B User Manual

Page 309

background image

- 309 -

Command Mode

Global Config

7.13.2.15 dos-control tcpsynfin

This command enables the TCP SYN and FIN Denial of Service protection. If the mode is enabled,
Denial of Service prevention is active for this type of attack. If packets ingress having TCP flags SYN
and FIN set, the packets will be dropped if the mode is enabled.

Syntax

dos-control tcpsynfin
no dos-control tcpsynfin

no - This command disables the TCP SYN & FIN Denial of Service protection.

Default Setting

Disabled

Command Mode

Global Config

7.13.2.16 dos-control tcpoffset

This command enables the TCP Fragment Offset Denial of Service protection. If the mode is enabled,
Denial of Service prevention is active for this type of attack. If packets ingress having TCP Header Offset
equal to one (1), the packets will be dropped if the mode is enabled.

Syntax

dos-control tcpoffset
no dos-control tcpoffset

no - This command disables the TCP Fragment Offset Denial of Service protection.

Default Setting

Disabled

Command Mode

Global Config

See also other documents in the category Fortinet Computer Accessories: