Configuring the wireless barricade g router 58 – SMC Networks Barricade SMC2804WBR38 User Manual

Configuring the Wireless Barricade g Router

58

DoS Criteria and Port Scan Criteria

Set up DoS and port scan criteria in the spaces provided (as
shown below).

Parameter

Defaults

Description

Fragmentation
half-open wait

10 sec

Configures the number of seconds that a
packet state structure remains active. When
the timeout value expires, the router drops
the unassembled packet, freeing that
structure for use by another packet.

TCP SYN wait

30 sec

Defines how long the software will wait for a
TCP session to synchronize before dropping
the session.

TCP FIN wait

5 sec

Specifies how long a TCP session will be
maintained after the firewall detects a FIN
packet.

TCP connection idle
timeout

3600 seconds
(1 hour)

The length of time a TCP session will be
maintained if there is no activity.

UDP session idle
timeout

30 sec

The length of time a UDP session will
maintained if there is no activity.

H.323 data channel
idle timeout

180 sec

The length of time an H.323 session will be
maintained if there is no activity.

Parameter

Defaults

Description

Total incomplete TCP/UDP
sessions HIGH

300 sessions

Defines the rate of newly
unestablished sessions that will
cause the software to start
deleting half-open sessions.

Total incomplete TCP/UDP
sessions LOW

250 sessions

Defines the rate of newly
unestablished sessions that will
cause the software to stop
deleting half-open sessions.

Incomplete TCP/UDP sessions
(per min.) HIGH

250 sessions

Maximum number of allowed
incomplete TCP/UDP sessions
per minute.

Incomplete TCP/UDP sessions
(per min.) LOW

200 sessions

Minimum number of allowed
incomplete TCP/UDP sessions
per minute. Set this to “0” if no
minimum setting is required.

Maximum incomplete TCP/UDP
sessions number from same
host

10 sessions

Maximum number of
incomplete TCP/UDP sessions
from the same host.