Dos land – Allied Telesis AT-DC2552XS User Manual
Page 528
Chapter 22: DoS Defense Commands
528
Section V: Security and Traffic Control
DOS LAND
Syntax
dos land action
action
Parameter
action
Specifies an action. The only action is “shutdown.” The switch
temporarily shuts down the specified port for one minute when a
DoS LAND attack is detected.
Mode
Port Interface mode
Description
Use this command to enable the defense against DoS Local Area Network
Denial (LAND) attacks. In DoS LAND attacks, attackers use packets that
are set to the same IP address for both source and destination addresses
and make the device to reply to itself continuously.
When the DoS LAND defense is enabled on a port, the switch temporarily
shuts down the port for one minute if the port receives a packet containing
the same IP address for both source and destination addresses. The port
is enabled automatically after one minute passes. To enable a shut down
port manually, use the NO SHUTDOWN command. See “NO
SHUTDOWN” on page 254.
You can enable the DoS LAND defense on a per port basis. However, you
cannot specify static or dynamic trunk groups, represented by “saX” and
“poX” respectively, or ports that belong to a trunk.
The DoS LAND defense consumes 1 unit per port out of 256 resource
units that are allocated to the DoS defense on the switching chip that
resides on the switch.
Confirmation Command