5) dos criteria and port scan criteria – Sagem SAGEMFAST 1500WG User Manual

4 - Configuring the SAGEM F@st™ 1500 ADSL router

SAGEM F@st™ 1500 Reference Manual - 288053220-04
Page 4-46

Reproduction and communication prohibited without the written permission of

E

E

E

E

5) DoS Criteria and Port Scan Criteria

Set up DoS and port scan criteria in the spaces provided (as shown below).
Note: The firewall does not significantly affect system performance, so we advise enabling the
prevention features to protect your network.

Parameter

Defaults

Description

Total incomplete
TCP/UDP sessions
HIGH

300 sessions

Defines the rate of new unestablished sessions that will cause
the software to start deleting half-open sessions.

Total incomplete
TCP/UDP sessions
LOW

250 sessions

Defines the rate of new unestablished sessions that will cause
the software to stop deleting halfopen sessions.

Incomplete
TCP/UDP sessions
(per min) HIGH

250 sessions

Maximum number of allowed incomplete TCP/UDP sessions
per minute.

Incomplete
TCP/UDP sessions
(per min) LOW

200 sessions

Minimum number of allowed incomplete TCP/UDP sessions per
minute.

Maximum
incomplete
TCP/UDP sessions
number from same
host

10

Maximum number of incomplete TCP/UDP sessions from the
same host.

Incomplete
TCP/UDP sessions
detect sensitive
time period

300 msec

Length of time before an incomplete TCP/UDP session is
detected as incomplete.

Maximum half open
fragmentation
packet number
from same host

30

Maximum number of half open fragmentation packets from the
same host.

Half-open
fragmentation
detect sensitive
time period

10000 msec

Length of time before a half-open fragmentation session is
detected as half-open.

Flooding cracker
block time

300 second

Length of time from detecting a flood attack to blocking the
attack.