Filter
Top Products
Telnet Command Reference Guide V1.1
36
2.9 ddos
This command allows users to configure the settings for DoS defense system.
ddos [-V | D | A]
ddos [-s ATTACK_F [THRESHOLD][ TIMEOUT]]
ddos [-a | e [ATTACK_F][ATTACK_0] | d [ATTACK_F][ATTACK_0]]
Syntax Description
-V It means to view the configuration of DoS defense system.
-D It means to deactivate the DoS defense system.
-A It means to activate the DoS defense system.
-s It means to enable the defense function for a specific attack and set
its parameter(s).
ATTACK_F It means to specify the name of flooding attack(s) or portscan, e.g.,
synflood, udpflood, icmpflood, or postscan.
THRESHOLD It means the packet rate (packet/second) that a flooding attack will
be detected. Set a value larger than 20.
TIMEOUT It means the time (seconds) that a flooding attack will be blocked.
Set a value larger than 5.
-a It means to enable the defense function for all attacks listed in
ATTACK_0.
-e It means to enable defense function for a specific attack(s).
ATTACK_0 It means to specify a name of the following attacks: ip_option,
tcp_flag, land, teardrop, smurf, pingofdeath, traceroute, icmp_frag,
syn_frag, unknow_proto, fraggle.
-d It means to disable the defense function for a specific attack(s).
Example
>ddos –A
The Dos Defense system is Activated
>ddos –s synflood 50 10
Synflood is enabled! Threshold=50 <pke/sec> timeout=10 <pke/sec>