Security
Denial of Service Prevention
Cisco 350XG & 550XG Series 10G Stackable Managed Switches
from remote hosts. This scenario primarily concerns the device when it
serves as a server on the web.
• Back Orifice Trojan—This is a variation of a trojan that uses Back Orifice
software to implant the trojan.
Defense Against DoS Attacks
The Denial of Service (DoS) Prevention feature assists the system administrator
in resisting such attacks in the following ways:
• Enable TCP SYN protection. If this feature is enabled, reports are issued
when a SYN packet attack is identified, and the attacked port can be
temporarily shut down. A SYN attack is identified if the number of SYN
packets per second exceeds a user-configured threshold (SYN Rate Protection
page).
• Block SYN-FIN packets (SYN Filtering page).
• Block packets that contain reserved Martian addresses (Martian Addresses
page).
• Prevent TCP connections from a specific interface (SYN Filtering page) and
rate limit the packets (SYN Rate Protection page).
• Configure the blocking of certain ICMP packets (ICMP Filtering page).
• Discard fragmented IP packets from a specific interface (IP Fragmented
Filtering page).
• Deny attacks from Stacheldraht Distribution, Invasor Trojan, and Back
Orifice Trojan (Security Suite Settings page).
Dependencies Between Features
ACL and advanced QoS policies are not active when a port has DoS Protection
enabled on it. An error message appears if you attempt to enable DoS Prevention
when an ACL is defined on the interface or if you attempt to define an ACL on an
interface on which DoS Prevention is enabled.
A SYN attack cannot be blocked if there is an ACL active on an interface.
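As an added illustration (not Cisco's code or the switch's implementation), the following Python model applies the per-interface checks listed above to constructed packet records: Martian source filtering, SYN-FIN blocking, ICMP type blocking, fragment discarding, and the per-second SYN threshold that issues a report and temporarily shuts the port. The Martian prefix list, the Packet fields and the DosGuard class are assumptions made for this example.

```python
from collections import defaultdict
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Assumed subset of reserved "Martian" source prefixes (RFC 1812 / RFC 6890);
# the switch's own list is not reproduced on this page.
MARTIAN_NETS = [ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4", "240.0.0.0/4")]
@dataclass
class Packet:
    ts: float                       # arrival time in seconds
    src: str                        # source IPv4 address
    proto: str                      # "tcp", "udp" or "icmp"
    flags: frozenset = frozenset()  # TCP flags, e.g. frozenset({"SYN"})
    fragmented: bool = False        # non-initial or more-fragments IP packet
    icmp_type: int = -1             # ICMP type; -1 when not ICMP

class DosGuard:
    # Hypothetical per-interface model of the checks listed above (not Cisco code).
    def __init__(self, syn_threshold, block_syn_fin=True, block_martian=True,
                 drop_fragments=False, blocked_icmp_types=()):
        self.syn_threshold = syn_threshold        # allowed SYN packets per second
        self.block_syn_fin = block_syn_fin
        self.block_martian = block_martian
        self.drop_fragments = drop_fragments
        self.blocked_icmp_types = set(blocked_icmp_types)
        self._syn_per_second = defaultdict(int)   # key: whole-second bucket
        self.port_shut = False                    # temporary shutdown state
        self.reports = []                         # SYN-attack reports issued

    def check(self, pkt):
        # Returns 'forward' or 'drop: <reason>' for one packet, updating state.
        if self.port_shut:
            return "drop: port temporarily shut down"
        if self.block_martian and any(ip_address(pkt.src) in n for n in MARTIAN_NETS):
            return "drop: reserved Martian source address"
        if self.drop_fragments and pkt.fragmented:
            return "drop: fragmented IP packet"
        if pkt.proto == "icmp" and pkt.icmp_type in self.blocked_icmp_types:
            return "drop: blocked ICMP type"
        if pkt.proto == "tcp":
            if self.block_syn_fin and {"SYN", "FIN"} <= pkt.flags:
                return "drop: SYN-FIN packet"
            if "SYN" in pkt.flags and "ACK" not in pkt.flags:
                bucket = int(pkt.ts)
                self._syn_per_second[bucket] += 1
                if self._syn_per_second[bucket] > self.syn_threshold:
                    self.reports.append(f"SYN attack at t={bucket}s from {pkt.src}")
                    self.port_shut = True         # page: attacked port can be shut down
                    return "drop: SYN rate above threshold"
        return "forward"
```

Once `port_shut` is set, every later packet on that interface is dropped, which mirrors the dependency note above: the shutdown is a port-level action, not a per-flow filter.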