Configuring syn flood detection – H3C Technologies H3C SecPath F1000-E User Manual
Page 626
6
Figure 5 DNS flood detection configuration page
Do the following to configure DNS flood detection:
1.
In the DNS Flood Attack Prevention Policy area, select Enable DNS Flood Attack
Detection. The device will collect DNS flood attack statistics, and output logs upon detecting
DNS flood attacks.
2.
From the DNS flood detection configuration list, view the configured DNS flood detection rules,
or click Add to enter the page shown in
to configure a DNS flood detection rule.
Figure 6 Add a DNS flood detection rule
describes the configuration items.
Table 3 DNS flood detection configuration items
Item
Description
IP Address
Type the IP address of the protected host.
Protected Host
Configuration
Rate Threshold
Set the maximum number of DNS query requests that can be
sent to the IP address per second.
Global Configuration
of Security Zone
Rate Threshold
Set the maximum number of DNS query requests that can be
sent to each host in the security zone per second.
NOTE:
•
In a security zone, you can configure multiple protected hosts and one global rate threshold.
•
For a host, the host-specific setting takes precedence over the global setting of the security zone.
Configuring SYN Flood Detection
NOTE:
SYN flood detection is mainly intended to protect servers and is usually configured for an internal zone.