NETGEAR XS712T-100NES Switch User Manual


 
42
XS712T Smart Switch
Denial of Service Min TCP Header Size: Specify the minimum TCP header size
allowed. If DoS TCP Fragment is enabled, the switch will drop packets that have a
TCP header smaller than the configured value.
Denial of Service ICMPv4: Enabling ICMPv4 DoS prevention causes the switch to
drop ICMPv4 packets that have a type set to ECHO_REQ (ping) and a size greater
than the configured ICMPv4 Pkt Size. The factory default is disabled.
Denial of Service Max ICMPv4 Packet Size: Specify the maximum ICMPv4 packet
size allowed. If ICMPv4 DoS prevention is enabled, the switch will drop IPv4 ICMP
ping packets that have a size greater than the configured value.
Denial of Service ICMPv6: Enabling ICMPv6 DoS prevention causes the switch to
drop ICMPv6 packets that have a type set to ECHO_REQ (ping) and a size greater
than the configured ICMPv6 Pkt Size.
Denial of Service Max ICMPv6 Packet Size: Specify the Max IPv6 ICMP packet size
allowed. If ICMPv6 DoS prevention is enabled, the switch will drop IPv6 ICMP ping
packets that have a size greater than this configured Max ICMPv6 Pkt Size.
Denial of Service First Fragment: Enabling First Fragment DoS prevention causes
the switch to check DoS options on first fragment IP packets when switch are
receiving fragmented IP packets. Otherwise, switch ignores the first fragment IP
packages.
Denial of Service ICMP Fragment: Enabling ICMP Fragment DoS prevention
causes the switch to drop ICMP Fragmented packets.
Denial of Service SIP=DIP: Enabling SIP=DIP DoS prevention causes the switch to
drop packets that have a source IP address equal to the destination IP address.
Denial of Service SMAC=DMAC: Enabling SMAC=DMAC DoS prevention causes
the switch to drop packets that have a source MAC address equal to the destination
MAC address.
Denial of Service TCP FIN&URG&PSH: Enabling TCP FIN & URG & PSH DoS
prevention causes the switch to drop packets that have TCP Flags FIN, URG, and
PSH set and TCP Sequence Number equal to 0.
Denial of Service TCP Flag&Sequence: Enabling TCP Flag DoS prevention causes
the switch to drop packets that have TCP control flags set to 0 and TCP sequence
number set to 0.
Denial of Service TCP Fragment: Enabling TCP Fragment DoS prevention causes
the switch to drop packets that have a TCP payload where the IP payload length
minus the IP header size is less than the minimum allowed TCP header size.
Denial of Service TCP Offset: Enabling TCP Offset DoS prevention causes the
switch to drop packets that have a TCP header Offset set to 1.
Denial of Service TCP Port: Enabling TCP Port DoS prevention causes the switch to
drop packets that have TCP source port equal to TCP destination port.
Denial of Service TCP SYN: Enabling TCP SYN DoS prevention causes the switch
to drop packets that have TCP Flags SYN set.
Denial of Service TCP SYN&FIN: Enabling TCP SYN & FIN DoS prevention causes
the switch to drop packets that have TCP Flags SYN and FIN set.