Dos synflood – Allied Telesis AT-DC2552XS User Manual

Chapter 22: DoS Defense Commands

Section V: Security and Traffic Control

DOS SYNFLOOD

Syntax

dos synflood action action

Parameter

action

Specifies an action. The only action is “shutdown.” The switch
temporarily shuts down the specified port for one minute when a
DoS SYN flood attack is detected.

Mode

Port Interface mode

Description

Use this command to enable the defense against DoS SYN flood attacks.
In DoS SYN flood attacks, attackers send a succession of TCP SYN
requests to a target system and make system resources unavailable to
legitimate traffic.

When the DoS SYN flood defense is enabled on a port, the switch counts
the number of ingress TCP SYN packets received on the port. If the
number exceeds 60 packets per second, the switch temporarily shuts
down the port for one minute. The port is enabled automatically after one
minute passes. To enable a shut down port manually, use the NO
SHUTDOWN command. See “NO SHUTDOWN” on page 254.
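
Before enabling the defense on a busy port, it helps to check whether legitimate traffic would trip the threshold. The following Python model is an added example and is not part of the manual; it applies the 60 packets per second limit and the one-minute shutdown described above to a list of SYN arrival times. It assumes fixed one-second counting windows aligned to whole seconds, which the manual does not specify, and the trace is constructed sample data.

```python
from collections import Counter

SYN_THRESHOLD_PPS = 60  # manual: shutdown when the count exceeds 60 SYN packets per second
SHUTDOWN_SECONDS = 60   # manual: the port is shut down for one minute, then re-enabled


def predict_shutdowns(syn_times):
    """Return [(down_at, up_at), ...] in seconds for one port.

    Assumption (not stated in the manual): SYNs are counted in fixed
    one-second windows and the port goes down when the window closes.
    """
    per_second = Counter(int(t) for t in syn_times)
    shutdowns = []
    port_up_at = 0
    for second in sorted(per_second):
        if second < port_up_at:
            continue  # port is down, so ingress SYNs are not received or counted
        if per_second[second] > SYN_THRESHOLD_PPS:
            down_at = second + 1
            port_up_at = down_at + SHUTDOWN_SECONDS
            shutdowns.append((down_at, port_up_at))
    return shutdowns


def availability(syn_times, duration):
    """Fraction of `duration` seconds the port stays up under this model."""
    down = sum(min(up, duration) - min(dn, duration)
               for dn, up in predict_shutdowns(syn_times))
    return 1 - down / duration


def constructed_trace():
    """Constructed sample: 10 minutes at 40 SYN/s with a 2-second burst of 90 SYN/s."""
    times = []
    for s in range(600):
        rate = 90 if s in (120, 121) else 40
        times.extend(s + i / rate for i in range(rate))
    return times


if __name__ == "__main__":
    trace = constructed_trace()
    print("shutdown intervals:", predict_shutdowns(trace))
    print("availability:", round(availability(trace, 600), 3))
```

In this model a two-second burst of legitimate connections costs the port a full minute of downtime, so the defense fits ports where 60 new TCP connections per second is well above normal load.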

You can enable the DoS SYN flood defense on a per port basis. However,
you cannot specify static or dynamic trunk groups, represented by “saX”
and “poX” respectively, or ports that belong to a trunk.

The DoS SYN flood defense consumes 1 unit per port out of 256 resource
units that are allocated to the DoS defense on the switching chip that is
located on the switch.

Confirmation Command

“SHOW DOS INTERFACE” on page 544