Huawei DR814Q User Manual

Page 73

Advertising
background image

User Manual
Aolynk DR814Q ADSL2+ Broadband Router

5 Advanced Configuration

68

Item

Description

Port Flood
Detection
Threshold

When the device detects that TCP SYNC packets sent by a
host per second to a fixed port exceed this threshold, the device
will time the Flood attack. If the timing reaches the limit set in
the [Flood Detection Period] text box, the DR814Q concludes
that the host is making a port flood attack, and starts blocking
the packets sent by the host.

The default value is 10.

Host Flood
Detection
Threshold

When the device detects that TCP SYNC packets sent by a
host per second exceed this threshold, the device will time the
Flood attack. If the timing reaches the limit set in the [Flood
Detection Period] text box, the DR814Q concludes that the host
is making a port flood attack, and starts blocking the packets
sent by the host.

The default value is 20.

Flood Detection
Period

When the DR814Q detects that the duration of Flood attack by
a host reaches the set detection period, the device starts
blocking the packets sent by the host.

The default value is 10 seconds.

Maximum TCP
Open
Handshaking
Count

When the open handshaking count that the DR814Q receives
per second from a host exceeds the set value, the device
concludes that the SYN/ACK attack is detected.

The default value is 100.

Maximum Ping
Count

The attacker may send a number of ping packets to a network.
These packets consume too much bandwidth and make normal
network services unavailable. When the device detects that the
count of ping packets sent by a host per second exceeds the
set value, the device concludes that the ping flood attack is
detected.

The default value is 15.

Maximum ICMP
Count

The attacker may send a number of ICMP (non-Echo Request)
packets to a network. These packets consume too much
bandwidth and make normal network services unavailable.
When the device detects that the count of ICMP packets sent
by a host per second exceeds the set value, the device
concludes that the ICMP Flood attack is detected.

The default value is 100.

To modify the current IDS configuration, type in the relevant values of IDS options, and

then click <Apply>.

To clear the blacklist, click <Clear Blacklist>.

Advertising
Popular Brands
Popular manuals