beautypg.com

NETGEAR M4350-24F4V 24-Port 10G SFP+ Managed AV Network Switch User Manual

Page 682

background image

Denial of Service Max ICMPv6 Packet Size: Specify the maximum ICMPv6
packet size allowed. If ICMPv6 DoS prevention is enabled, the switch drops
ICMPv6 ping packets with a size greater than the configured value. The range is
from 0 to 16376. The default value is 512.

Denial of Service First Fragment: Enabling first fragment DoS prevention causes
the switch to check the DoS options on the first fragment of a fragmented IP
packet. Otherwise, the switch ignores the first fragment of a fragmented IP packet.
By default, this option is disabled.

Denial of Service ICMP Fragment: Enabling ICMP Fragment DoS prevention
causes the switch to drop ICMP fragmented packets. By default, this option is
disabled.

Denial of Service SIP=DIP: Enabling SIP=DIP DoS prevention causes the switch
to drop packets with a source IP address equal to the destination IP address. By
default, this option is disabled.

Denial of Service SMAC=DMAC: Enabling SMAC=DMAC DoS prevention causes
the switch to drop packets with a source MAC address equal to the destination
MAC address. By default, this option is disabled.

Denial of Service TCP FIN&URG&PSH: Enabling TCP FIN & URG & PSH DoS
prevention causes the switch to drop packets with TCP flags FIN, URG, and PSH
set and the TCP sequence number equal to 0. By default, this option is disabled.

Denial of Service TCP Flag&Sequence: Enabling TCP Flag DoS prevention
causes the switch to drop packets with TCP control flags set to 0 and the TCP
sequence number set to 0. By default, this option is disabled.

Denial of Service TCP Fragment: Enabling TCP Fragment DoS prevention causes
the switch to drop packets with a TCP payload for which the IP payload length
minus the IP header size is less than the minimum allowed TCP header size. By
default, this option is disabled.

Denial of Service TCP Offset: Enabling TCP Offset DoS prevention causes the
switch to drop packets with a TCP header offset set to 1. By default, this option
is disabled.

Denial of Service TCP Port: Enabling TCP Port DoS prevention causes the switch
to drop packets for which the TCP source port is equal to the TCP destination
port. By default, this option is disabled.

Denial of Service TCP SYN: Enabling TCP SYN DoS prevention causes the switch
to drop packets with the TCP flag SYN set. By default, this option is disabled.

Denial of Service TCP SYN&FIN: Enabling TCP SYN & FIN DoS prevention
causes the switch to drop packets with TCP flags SYN and FIN set. By default, this
option is disabled.

Main User Manual

682

Manage Switch Security

Fully Managed Switches M4350 Series Main User Manual