User's Manual
46
5.4.7 Denial-of-Service
The DoS Prevention functionality helps you to detect and mitigate the DoS attack. The
attacks are usually categorized into two types, the flooding-type attacks and the
vulnerability attacks. The flooding-type attacks will attempt to exhaust all your systeP¶V
resource while the vulnerability attacks will try to paralyze the system by offending the
vulnerabilities of the protocol or operation system.
The DoS Prevention function enables the router to inspect every incoming packet based on
the attack signature database. Any malicious packet that might duplicate itself to paralyze
the host in the secure LAN will be strictly blocked and a Syslog message will be sent as
warning, if you set up Syslog server.
Also this router monitors the traffic. Any abnormal traffic flow violating the pre-defined
parameter, such as the number of thresholds, is identified as an attack and the CPE will
activate its defence mechanism to mitigate in a real-time manner.
Enable DoS Prevention: check this box to enable DoS prevention function.
This page shows the attack types that DoS prevention function can detect:
Whole System Flood: SYN ICMP Smurf
Whole System Flood: FIN IP Land
Whole System Flood: UDP IP Spoof