Allied-telesis AT-S62 Manual de usuario descargar pdf (Pagina 241)

100

101

AT-S62 Command Line User’s Guide

241

SET DOS PINGOFDEATH

Syntax

set dos pingofdeath port=port state=enable|disable

[mirrorport=port]

Parameters

port Specifies the switch ports on which to enable or

disable the Ping of Death defense. You can specify

more than one port at a time.

state Specifies the state of the IP Option defense. The

options are:

enable Activates the defense.

disable Deactivates the defense. This is the default.

mirrorport Specifies a port where invalid traffic is copied. You can

specify only one port.

Description

This command activates and deactivates the Ping of Death DoS defense.

In this DoS, an attacker sends an oversized, fragmented Ping packet to

the victim, which, if lacking a policy for handling oversized packets, may

freeze.

To defend against this form of attack, a switch port searches for the last

fragment of a fragmented Ping request and examines its offset to

determine if the packet size is greater than 63,488 bits. If it is, the

fragment is forwarded to the switch’s CPU for final packet size

determination. If the switch determines that the packet is oversized, the

following occurs:

❑ The switch sends a trap to the management workstations.

❑ The switch port discards the fragment and, for a one minute

period, discards all ingress Ping packets on the port.

1 2 ... 236 237 238 239 240 241 242 243 244 245 246 ... 419 420

Comentarios a estos manuales

Sin comentarios

Allied-telesis AT-S62 Manual de usuario Pagina 241

Comentarios a estos manuales

Relacionado con productos y manuales para Hardware De La Computadora Allied-telesis AT-S62