H3C Technologies H3C SecPath F1000-E User Manual

Page 24

Figure 15 DNS flood detection configuration page

To configure DNS flood detection, follow these steps:

In the DNS Flood Attack Prevention Policy area, select Enable DNS Flood Attack Detection. The

firewall will collect DNS flood attack statistics, and output logs upon detecting DNS flood attacks.

In the DNS Flood Configuration area, view the configured DNS flood detection rules, or click Add
to enter the page shown in

Figure 16

to configure a DNS flood detection rule.

Table 7

describes

the configuration items.

Figure 16 Adding a DNS flood detection rule

Table 7 Configuration items

Item

Description

Protected Host
Configuration

IP Address

Specify the IP address of the protected host.

Action Threshold

Set the protection action threshold for DNS flood attacks that
target the protected host.
If the sending rate of DNS query requests destined for the
specified IP address constantly reaches or exceeds this

threshold, the firewall drops all extra requests and logs the
event.

This manual is related to the following products:

H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS