Philips CPWBS154 User Manual

DoS Criteria and Port Scan Criteria
Set up DoS and port scan criteria in the spaces provided (as shown below).

Parametre Defaults Description
Total incomplete

300

Defines the rate of new unestablished sessions that will cause the

TCP/UDP sessions

sessions

software to start deleting half-open sessions.

HIGH
Total incomplete

250

Defines the rate of new unestablished sessions that will cause the

TCP/UDP sessions

sessions

software to stop deleting halfopen sessions.

LOW
Incomplete

250

Maximum number of allowed incomplete TCP/UDP sessions

TCP/UDP sessions

sessions

per minute.

(per min) HIGH
Incomplete

200

Minimum number of allowed incomplete TCP/UDP sessions

TCP/UDP sessions

sessions

per minute.

(per min) LOW
Max. incomplete TCP/

10

Maximum number of incomplete TCP/UDP sessions

UDP sessions number

from the same host.

from same host
Incomplete TCP/

300

Length of time before an incomplete TCP/UDP session is detected

UDP sessions detect

msec

as incomplete.

sensitive time period
Maximum half-open

30

Maximum number of half-open fragmentation packets from

fragmentation packet

the same host.

number from same
host
Half-open

10000

Length of time before a half-open fragmentation session is

fragmentation detect

msec

detected as half-open.

sensitive time period
Flooding cracker

300 sec

Length of time from detecting a flood attack to blocking the attack.

block time

Note: The firewall does not significantly affect system performance, so we

advise enabling the prevention features to protect your network.

ENGLISH

51