4 dos defense – Draytek 2910 User Manual
Page 80
Vigor2910 Series User’s Guide
74
3
3
.
.
5
5
.
.
4
4
D
D
o
o
S
S
D
D
e
e
f
f
e
e
n
n
s
s
e
e
As a sub-functionality of IP Filter/Firewall, there are 15 types of detect/ defense function in
the DoS Defense setup. The DoS Defense functionality is disabled for default.
Click Firewall and click DoS Defense to open the setup page.
Enable Dos Defense
Check the box to activate the DoS Defense Functionality.
Enable SYN flood
defense
Check the box to activate the SYN flood defense function. Once
detecting the Threshold of the TCP SYN packets from the
Internet has exceeded the defined value, the Vigor router will start
to randomly discard the subsequent TCP SYN packets for a
period defined in Timeout. The goal for this is prevent the TCP
SYN packets’ attempt to exhaust the limited-resource of Vigor
router. By default, the threshold and timeout values are set to 50
packets per second and 10 seconds, respectively.
Enable UDP flood
defense
Check the box to activate the UDP flood defense function. Once
detecting the Threshold of the UDP packets from the Internet has
exceeded the defined value, the Vigor router will start to
randomly discard the subsequent UDP packets for a period
defined in Timeout. The default setting for threshold and timeout
are 150 packets per second and 10 seconds, respectively.
Enable ICMP flood
defense
Check the box to activate the ICMP flood defense function.
Similar to the UDP flood defense function, once if the Threshold
of ICMP packets from Internet has exceeded the defined value, the
router will discard the ICMP echo requests coming from the
Internet. The default setting for threshold and timeout are 50
packets per second and 10 seconds, respectively.
Enable PortScan
detection
Port Scan attacks the Vigor router by sending lots of packets to
many ports in an attempt to find ignorant services would respond.
Check the box to activate the Port Scan detection. Whenever
detecting this malicious exploration behavior by monitoring the