SMC Networks SMCWBR14S-N2 User Manual
Page 112
C
ONFIGURING
THE
B
ARRICADE
4-60
•
DoS
Criteria and Port Scan Criteria
Set up DoS and port scan criteria in the spaces provided (as shown below).
Note:
The firewall does not significantly affect system performance, so
we advise enabling the prevention features to protect your
network.
Parameter
Defaults Description
Total incomplete
TCP/UDP sessions
HIGH
300
sessions
Defines the rate of new unestablished sessions
that will cause the software to start deleting
half-open sessions.
Total incomplete
TCP/UDP sessions
LOW
250
sessions
Defines the rate of new unestablished sessions
that will cause the software to stop deleting half-
open sessions.
Incomplete
TCP/UDP sessions
(per min) HIGH
250
sessions
Maximum number of allowed incomplete
TCP/UDP sessions per minute.
Incomplete
TCP/UDP sessions
(per min) LOW
200
sessions
Minimum number of allowed incomplete
TCP/UDP sessions per minute.
Maximum incomplete
TCP/UDP sessions
number from same
host
10
Maximum number of incomplete TCP/UDP
sessions from the same host.
Incomplete
TCP/UDP sessions
detect sensitive time
period
300
msec
Length of time before an incomplete
TCP/UDP session is detected as incomplete.
Maximum half-open
fragmentation packet
number from same
host
30
Maximum number of half-open fragmentation
packets from the same host.
Half-open
fragmentation detect
sensitive time period
10000
msec
Length of time before a half-open
fragmentation session is detected as half-open.
Flooding cracker
block time
300
second
Length of time from detecting a flood attack to
blocking the attack.