6 dos defense – Draytek 2800 Series User Manual
Page 55
Vigor2800 Series User’s Guide
51
3
3
.
.
4
4
.
.
6
6
D
D
o
o
S
S
D
D
e
e
f
f
e
e
n
n
s
s
e
e
As a sub-functionality of IP Filter/Firewall, there are 15 types of detect/ defense function in
the DoS Defense setup. The DoS Defense functionality is disabled for default.
Click Firewall and click DoS Defense to open the setup page.
Enable Dos Defense
Check the box to activate the DoS Defense Functionality.
Enable SYN flood
defense
Check the box to activate the SYN flood defense function. Once
detecting the Threshold of the TCP SYN packets from the Internet
has exceeded the defined value, the Vigor router will start to
randomly discard the subsequent TCP SYN packets for a period
defined in Timeout. The goal for this is prevent the TCP SYN
packets’ attempt to exhaust the limited-resource of Vigor router.
By default, the threshold and timeout values are set to 50 packets
per second and 10 seconds, respectively.
Enable UDP flood
defense
Check the box to activate the UDP flood defense function. Once
detecting the Threshold of the UDP packets from the Internet has
exceeded the defined value, the Vigor router will start to randomly
discard the subsequent UDP packets for a period defined in
Timeout. The default setting for threshold and timeout are 150
packets per second and 10 seconds, respectively.
Enable ICMP flood
defense
Check the box to activate the ICMP flood defense function. Similar
to the UDP flood defense function, once if the Threshold of ICMP
packets from Internet has exceeded the defined value, the router
will discard the ICMP echo requests coming from the Internet. The
default setting for threshold and timeout are 50 packets per second
and 10 seconds, respectively.
Enable PortScan
detection
Port Scan attacks the Vigor router by sending lots of packets to
many ports in an attempt to find ignorant services would respond.
Check the box to activate the Port Scan detection. Whenever