beautypg.com

AirLive RS-2500 User Manual

Page 191

background image

21. Anomaly Flow IP


AirLive RS-2500 User’s Manual

186

Define th

D t

Sele

server

com

the servers.

The

m Administrator can

enter the maximum number of SYN packets per second that is allowed to

enter the network/RS-2500. If the value exceeds the setting one, and then the

device will determine it as an attack.

【SYN Flood Threshold (Per Source IP) Pkts/Sec】: The system Administrator

can enter the maximum number of SYN packets per second from attacking

source IP Address that is allowed to enter the network/RS-2500. And if value

exceeds the setting one, and then the device will determine it as an attack.

【SYN Flood Threshold Blocking Time (Per Source IP) Seconds】: When the

RS-2500 determines as being attacked, it will block the attacking source IP

ing for certain seconds, the

calculate the max number of SYN packets from attacking

RS-2500 determines as being attacked, it will block the attacking source IP

king time you set. After blocking for certain seconds, the

e required fields of DoS / Anti-attack Setting

ect SYN Attack:

ct this option to detect TCP SYN attacks that hackers send to

puters continuously to block or cut down all the connections of

e

se attacks will cause valid users cannot connect to the servers.

【SYN Flood Threshold (Total) Pkts/Sec】: The syste

address in the blocking time you set. After block

device will start to

source IP Address. And if the max number still exceed the define value, it will

block the attacking IP Address continuously.

Detect ICMP Flood:

When Hackers continuously send PING packets to all the machines of the LAN

networks or to the RS-2500 via broadcasting, your network is experiencing an

ICMP flood attack.

【ICMP Flood Threshold (Total) Pkts/Sec】: The System Administrator can

enter the maximum number of ICMP packets per second that is allow to enter

the network/RS-2500. If the value exceeds the setting one, and then the

device will determine it as an attack.

【 ICMP Flood Threshold (Per Source IP)Pkts/Sec 】 : The System

Administrator can enter the maximum number of ICMP packets per second

from attacking source IP Address that is allow to enter the network / RS-2500.

If the value exceeds the setting one, and then the device will determine it as

an attack.

【ICMP Flood Threshold Blocking Time (Per Source IP)Seconds】: When the

address in the bloc

device will start to calculate the max number of ICMP packets from attacking

See also other documents in the category AirLive Accessories for video: