Dos smurf – Allied Telesis AT-DC2552XS User Manual
Page 532

Chapter 22: DoS Defense Commands
Section V: Security and Traffic Control
DOS SMURF
Syntax
dos smurf action action
Parameter
action
Specifies an action. The only action is “shutdown.” The switch
temporarily shuts down the specified port for one minute when a
DoS Smurf attack is detected.
Mode
Port Interface mode
Description
Use this command to enable the defense against DoS Smurf attacks. In
DoS Smurf attacks, attackers send a large number of ICMP echo request
(ping) packets with the IP address of an intended target system as the
source address and an IP broadcast address as the destination address. DoS
Smurf attacks flood a system with broadcast ping messages.
When the DoS Smurf defense is enabled on a port, the switch temporarily
shuts down the port for one minute if the port receives an ICMP echo
request packet that contains the specified directed broadcast address.
The port is enabled automatically after one minute passes. To enable a
shut-down port manually, use the NO SHUTDOWN command. See “NO
SHUTDOWN” on page 254.
You can enable the DoS Smurf defense on a per port basis. However, you
cannot specify static or dynamic trunk groups, represented by “saX” and
“poX” respectively, or ports that belong to a trunk.
The DoS Smurf defense consumes 1 unit per port out of the 256 resource
units that are allocated to the DoS defense on the switching chip on the switch.
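The check described above (an ICMP echo request addressed to a directed broadcast address, followed by a one-minute port shutdown) can be modeled in a few lines. This is an added example, not code from the manual or from Allied Telesis; the subnet 192.0.2.0/24, the port numbers, the sample packets, and the names build_ipv4_icmp, is_smurf_probe and PortGuard are assumptions made for illustration.

```python
import ipaddress
import struct

ICMP_PROTO = 1
ICMP_ECHO_REQUEST = 8
SHUTDOWN_SECONDS = 60  # per the manual: the port stays down for one minute


def build_ipv4_icmp(src, dst, icmp_type):
    """Constructed sample packet: 20-byte IPv4 header + 8-byte ICMP header."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, ICMP_PROTO, 0,
                     ipaddress.IPv4Address(src).packed,
                     ipaddress.IPv4Address(dst).packed)
    return ip + struct.pack("!BBHHH", icmp_type, 0, 0, 1, 1)


def is_smurf_probe(packet, subnet):
    """True for an ICMP echo request sent to the subnet's directed broadcast."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return False                      # truncated or not IPv4
    ihl = (packet[0] & 0x0F) * 4          # header length; IP options shift ICMP
    if ihl < 20 or len(packet) <= ihl or packet[9] != ICMP_PROTO:
        return False
    if struct.unpack("!H", packet[6:8])[0] & 0x1FFF:
        return False                      # later fragment: no ICMP header here
    if packet[ihl] != ICMP_ECHO_REQUEST:
        return False
    dst = ipaddress.IPv4Address(packet[16:20])
    return dst == ipaddress.ip_network(subnet).broadcast_address


class PortGuard:
    """Models the per-port action: shut down on detection, re-enable after 60 s."""

    def __init__(self, subnet):
        self.subnet = subnet              # assumption: the protected subnet
        self.down_until = {}              # port number -> re-enable time

    def receive(self, port, packet, now):
        if now < self.down_until.get(port, 0.0):
            return "port-down"            # port is still shut down
        if is_smurf_probe(packet, self.subnet):
            self.down_until[port] = now + SHUTDOWN_SECONDS
            return "shutdown"
        return "forward"
```

Because a single matching packet takes the port down for a minute, legitimate traffic on that port is also interrupted, which is worth weighing when choosing the ports on which to enable the defense.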
Confirmation Command