![Tp-Link T1600G-28PS (TL-SG2424P) Руководство пользователя онлайн [214/269] 174201](/img/pdf.png)
Tp-Link T1600G-28PS (TL-SG2424P) Руководство пользователя онлайн [214/269] 174201
![Tp-Link T1600G-28PS (TL-SG2424P) Руководство пользователя онлайн [214/269] 174201](/views2/1210086/page214/bgd6.png)
204
the illegal packets directly and limit the transmission rate of the legal packets if the over legal
packets may incur a breakdown of the network. The switch can defend several types of DoS attack
listed in the following table.
DoS Attack Type Description
Land Attack The attacker sends a specific fake SYN packet to the destination Host.
Since both the source IP address and the destination IP address of the
SYN packet are set to be the IP address of the Host, the Host will be
trapped in an endless circle for building the initial conne
ction. The
performance of the network will be reduced extremely.
Scan SYNFIN The attacker sends the packet with its SYN field and the FIN field set to
1. The SYN field is used to request initial connection whereas the FIN
field is used to request disconne
ction. Therefore, the packet of this
type is illegal. The switch can defend this type of illegal packet.
Xmascan
The attacker sends the illegal packet with its TCP index, FIN, URG and
PSH field set to 1.
NULL Scan Attack The attacker sends the illegal packet with its TCP index and all the
control fields set to 0. During the TCP connection and data
transmission, the packets with all the control fields set to 0 are
considered as the illegal packets.
SYN packet with its
source port less than
1024
The attack
er sends the illegal packet with its TCP SYN field set to 1
and source port less than 1024.
Blat Attack
The attacker sends the illegal packet with its source port and
destination port on Layer 4 the same and its URG field set to 1. Similar
to the Land Att
ack, the system performance of the attacked Host is
reduced since the Host circularly attempts to build a connection with
the attacker.
Ping Flooding
The attacker floods the destination system with Ping broadcast storm
packets to forbid the system to respond to the legal communication.
SYN/SYN-ACK
Flooding
The attacker uses a fake IP address to send TCP request packets to
the Server. Upon receiving the request packets, the Server responds
with SYN-ACK packets. Since the IP address is fake, no response will
be returned. The Server will keep on sending SYN-ACK packets. If the
attacker sends overflowing fake request packets, the network resource
will be occupied maliciously and the requests of the legal clients will be
denied.
WinNuke Attack Since the Opera
tion System with bugs cannot correctly process the
URG (Urgent Pointer) of TCP packets, the attacker sends this type of
packets to the TCP port139 (NetBIOS) of the Host with the Operation
System bugs, which will cause the Host with a blue screen.
Table 12-1 Defendable DoS Attack Types
Содержание
- Jetstream gigabit smart switch 1
- Ce mark warning 2
- Copyright trademarks 2
- Fcc statement 2
- Industry canada statement 3
- Safety information 3
- 安全諮詢及注意事項 3
- Company tp link technologies co ltd 4
- Date of issue 2015 11 18 date of issue 2015 11 18 4
- Declaration of conformity 4
- Person is responsible for marking this declaration 4
- Package contents 11
- Chapter 1 about this guide 12
- Conventions 12
- Intended readers 12
- Overview of this guide 12
- Appearance description 16
- Chapter 2 introduction 16
- Front panel 16
- Overview of the switch 16
- Rear panel 21
- Chapter 3 login to the switch 23
- Configuration 24
- Chapter 4 system 25
- System info 25
- System summary 25
- Device description 26
- System time 27
- Daylight saving time 28
- System ipv6 29
- User config 38
- User management 38
- User table 38
- System tools 39
- Boot config 40
- Config backup 41
- Config restore 41
- Firmware upgrade 42
- System reboot 43
- System reset 43
- Access control 44
- Access security 44
- Http config 45
- Https config 46
- Ssh config 48
- Application example 1 for ssh 50
- Application example 2 for ssh 51
- Telnet config 55
- Chapter 5 switching 56
- Port config 56
- Port mirror 57
- Port security 59
- Port isolation 61
- Loopback detection 62
- Lag table 65
- Static lag 66
- Lacp config 67
- Traffic monitor 69
- Traffic summary 69
- Traffic statistics 70
- Mac address 72
- Address table 73
- Static address 74
- Dynamic address 75
- Filtering address 77
- Chapter 6 vlan 79
- Q vlan 80
- Vlan config 81
- Port config 82
- Application example for 802 q vlan 84
- Configuration procedure 84
- Mac vlan 85
- Mac vlan 86
- Port enable 86
- Application example for mac vlan 87
- Configuration procedure 87
- Protocol vlan 89
- Protocol group 90
- Protocol group table 90
- Protocol template 91
- Configuration procedure 92
- Application example for protocol vlan 93
- Chapter 7 spanning tree 95
- Stp config 100
- Stp summary 102
- Port config 103
- Mstp instance 104
- Instance config 105
- Region config 105
- Instance port config 106
- Global configuration procedure for spanning tree function 108
- Port protect 108
- Stp security 108
- Application example for stp function 111
- Tc protect 111
- Chapter 8 multicast 116
- Igmp snooping 120
- Snooping config 122
- Port config 124
- Vlan config 125
- Configuration procedure 126
- Multicast vlan 126
- Application example for multicast vlan 128
- Configuration procedure 128
- Querier config 129
- Profile config 131
- Profile binding 132
- Configuration procedure 134
- Packet statistics 134
- Mld snooping 135
- Snooping config 137
- Port config 138
- Vlan config 139
- Multicast vlan 140
- Configuration procedure of multicast vlan 142
- Querier config 142
- The following entries are displayed on this screen 142
- Profile config 143
- Profile binding 145
- Configuration procedure 147
- Packet statistics 147
- Ipv4 multicast table 148
- Multicast table 148
- Static ipv4 multicast table 149
- Ipv6 multicast table 150
- Static ipv6 multicast table 151
- Chapter 9 routing 153
- Interface 153
- Routing table 156
- Static routing 157
- Arp table 158
- Static arp 158
- Chapter 10 qos 159
- Diffserv 162
- Port priority 162
- Configuration procedure 163
- Schedule mode 163
- 802 p priority 164
- Configuration procedure 165
- Dscp priority 165
- Configuration procedure 166
- Bandwidth control 167
- Rate limit 167
- Storm control 168
- Voice vlan 169
- Global config 171
- Port config 172
- Oui config 173
- Configuration procedure of voice vlan 174
- Chapter 11 poe 175
- Poe config 175
- Poe config 176
- Poe profile 177
- Time range 178
- Time range summary 178
- Time range create 179
- Holiday config 181
- Acl config 182
- Acl create 182
- Acl summary 182
- Chapter 12 acl 182
- Mac acl 183
- Standard ip acl 184
- Extend ip acl 185
- Policy config 186
- Policy create 186
- Policy summary 186
- Acl binding 187
- Action create 187
- Binding table 188
- Port binding 189
- Configuration procedure 190
- Policy binding 190
- Vlan binding 190
- Binding table 191
- Port binding 192
- Application example for acl 193
- Configuration procedure 193
- Vlan binding 193
- Binding table 196
- Chapter 13 network security 196
- Ip mac binding 196
- Manual binding 197
- Arp scanning 199
- Dhcp snooping 200
- Global config 204
- Port config 205
- Arp inspection 206
- Arp detect 210
- Arp defend 211
- Configuration procedure 211
- Arp statistics 212
- Dos defend 213
- Dos defend 215
- Global config 219
- Port config 221
- Radius config 222
- Configuration procedure 223
- Chapter 14 snmp 225
- Global config 227
- Snmp config 227
- Snmp view 228
- Snmp group 229
- Snmp user 230
- Snmp community 232
- Configuration procedure 233
- Notification 234
- Statistics 237
- History 238
- Alarm config 240
- Chapter 15 lldp 242
- Lldp working mechanism 242
- Lldpdu format 242
- Basic config 246
- Global config 246
- Port config 247
- Device info 248
- Local info 248
- Neighbor info 249
- Device statistics 250
- Elements 251
- Lldp med 251
- Global config 252
- Port config 253
- Local info 255
- Neighbor info 256
- Chapter 16 maintenance 257
- Cpu monitor 257
- System monitor 257
- Memory monitor 258
- Log table 259
- Local log 260
- Backup log 261
- Remote log 261
- Cable test 262
- Device diagnostics 262
- Network diagnostics 263
- Tracert 264
- Appendix a specifications 266
- Appendix b glossary 267
Похожие устройства
- Tp-Link T1600G-28TS (TL-SG2424) Брошюра
- Tp-Link T1600G-28TS (TL-SG2424) Руководство по командной строке
- Tp-Link T1600G-28TS (TL-SG2424) Руководство по конфигурированию
- Tp-Link T1600G-28TS (TL-SG2424) Руководство по установке
- Tp-Link T1600G-28TS (TL-SG2424) Руководство пользователя
- Rivotek Fisher 25 Pro Руководство пользователя
- Rivotek Fisher 51 Руководство пользователя
- Liberton D-LED 4016 DBT2 Руководство по эксплуатации
- Liberton D-LED 3216 DBT2 Руководство по эксплуатации
- Liberton D-LED 2216 DBT2 Руководство по эксплуатации
- Liberton D-LED 32303 DBT2 Руководство по эксплуатации
- Liberton D-LED 24306 DBT2 Руководство по эксплуатации
- Liberton D-LED 3203 DBT2 Руководство по эксплуатации
- Philips SHE3590/10 Red Инструкция по эксплуатации
- Philips D 1202 B Инструкция по эксплуатации
- Philips HR 1560/20 Инструкция по эксплуатации
- Philips DCM2260/12 Black Инструкция по эксплуатации
- Philips BT5880B/12 Black Инструкция по эксплуатации
- Philips SC1981/00 Инструкция по эксплуатации
- Philips HP8320/00 Essential Care Инструкция по эксплуатации