User guide
Table Of Contents
- Contents
- Figures
- Tables
- Preface
- Section I
- Basic Operations
- Chapter 1
- Basic Switch Parameters
- Configuring the Switch’s Name, Location, and Contact
- Changing the Manager and Operator Passwords
- Setting the System Date and Time
- Rebooting a Switch
- Pinging a Remote System
- Returning the AT-S63 Management Software to the Factory Default Values
- Displaying the IP Address of the Local Interface
- Displaying System Information
- Chapter 2
- Port Parameters
- Chapter 3
- Enhanced Stacking
- Chapter 4
- SNMPv1 and SNMPv2c
- Chapter 5
- MAC Address Table
- Chapter 6
- Static Port Trunks
- Chapter 7
- Port Mirroring
- Section II
- Advanced Operations
- Chapter 8
- File System
- Chapter 9
- File Downloads and Uploads
- Chapter 10
- Event Logs and Syslog Client
- Chapter 11
- Classifiers
- Chapter 12
- Access Control Lists
- Chapter 13
- Class of Service
- Chapter 14
- Quality of Service
- Chapter 15
- Denial of Service Defenses
- Chapter 16
- IGMP Snooping
- Section III
- SNMPv3
- Chapter 17
- SNMPv3
- Configuring the SNMPv3 Protocol
- Enabling or Disabling SNMP Management
- Configuring the SNMPv3 User Table
- Configuring the SNMPv3 View Table
- Configuring the SNMPv3 Access Table
- Configuring the SNMPv3 SecurityToGroup Table
- Configuring the SNMPv3 Notify Table
- Configuring the SNMPv3 Target Address Table
- Configuring the SNMPv3 Target Parameters Table
- Configuring the SNMPv3 Community Table
- Displaying SNMPv3 Tables
- Section IV
- Spanning Tree Protocols
- Chapter 18
- Spanning Tree and Rapid Spanning Tree Protocols
- Chapter 19
- Multiple Spanning Tree Protocol
- Section V
- Virtual LANs
- Chapter 20
- Port-based and Tagged VLANs
- Chapter 21
- GARP VLAN Registration Protocol
- Section VI
- Port Security
- Chapter 22
- MAC Address-based Port Security
- Chapter 23
- 802.1x Port-based Network Access Control
- Section VII
- Management Security
- Chapter 24
- Encryption Keys, PKI, and SSL
- Chapter 25
- Secure Shell (SSH)
- Chapter 26
- TACACS+ and RADIUS Protocols
- Chapter 27
- Management Access Control List
- Index
Chapter 15: Denial of Service Defenses
188 Section II: Advanced Operations
Configuring Denial of Service Defense
To configure the ports on the switch for a Denial of Service attack defense,
perform the following procedure:
1. From the home page, select Configuration.
2. From the Configuration menu, select the Network Security option.
3. Select the DoS tab.
The DoS tab is shown in Figure 68.
Figure 68. DoS Tab (Configuration)
4. If you are implementing the SMURF or Land defense, you must
provide an IP address and mask for your LAN. To do this, complete
the following procedure. Otherwise, skip ahead to Step 5.
a. In the DoS LAN Subnet IP field, enter the IP address of one of the
devices connected to the switch, preferably the lowest IP address.
b. In the DoS Subnet Mask field, enter the LAN’s mask. enter the
mask. A binary “1” indicates the switch should filter on the
corresponding bit of the IP address, while a “0” indicates that it
should not. As an example, assume that the devices connected to
a switch are using the IP address range 149.11.11.1 to