Dell 6200 SERIES Computer Accessories User Manual


 
54 Switching Configuration
Denial of Service Attack Protection
This section describes the PowerConnect 6200 Series Denial of Service Protection feature.
Overview
Denial of Service:
•Spans two categories:
Protection of the switch
Protection of the network
Protects against the exploitation of a number of vulnerabilities which would make the host or network
unstable
Compliant with Nessus. Dell tested the switch software with Nessus version 2.0.10. Nessus is a widely-
used vulnerability assessment tool.
PowerConnect 6200 Series software provides a number of features that help a network administrator
protect networks against DoS attacks.
There are 6 available types of attacks which can be monitored for and blocked. Each type of attack is
represented by a dos-control command keyword.
console(config)#dos-control ?
firstfrag Enables IPv4 first fragment checking.
icmp Enables ICMP size checking.
l4port Enables L4 port number checking.
sipdip Enables SIP=DIP checking.
tcpflag Enables TCP flag checking.
tcpfrag Enables TCP fragment checking.