Custom DoS rules protect specific farm services against attacks.

To create a new DoS rule, select Actions >> Create DoS rule and fill in the requested fields:

  •  Name. Identifies the rule. Click on the field and enter a distinctive name.
  •  Rule. The type of rule. The available options are:
    • Connection limit per second. Protects the farm service by limiting the number of connections per second to the service.
    • Total connections limit per source IP. Protects the farm service by limiting the number of connections per source IP to the service.
    • Check bogus TCP flags. Protects the farm service against packets with bogus TCP flags.
    • Limit RST request per second. Protects the farm service against RST requests on TCP connections by limiting the number of RST packets accepted per second.

Once the required data is set, click on the Create button to generate the new DoS rule.
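
The four rule types above, modeled as an added example (not the product's own code or its actual implementation), to show which packets each rule would drop. The function names, the one-second counting buckets and the set of flag combinations treated as bogus are assumptions, and the traffic is constructed sample data.

```python
from collections import defaultdict

# No flags, or a contradictory pair (assumed set; the product's own list is not on the page).
BOGUS_PAIRS = [{"SYN", "FIN"}, {"SYN", "RST"}, {"FIN", "RST"}]

def is_bogus(flags):
    return not flags or any(pair <= flags for pair in BOGUS_PAIRS)

def apply_dos_rules(packets, conn_per_sec=None, conn_per_ip=None,
                    rst_per_sec=None, check_bogus=False):
    """Return [(index, reason)] for each packet the enabled rules would drop."""
    new_conns = defaultdict(int)   # second -> accepted new connections
    rsts = defaultdict(int)        # second -> accepted RST packets
    open_conns = defaultdict(set)  # source IP -> source ports of open connections
    dropped = []
    for i, (t, src, sport, flags) in enumerate(packets):
        sec = int(t)
        if check_bogus and is_bogus(flags):
            dropped.append((i, "bogus_flags"))
            continue
        if "RST" in flags:
            if rst_per_sec is not None and rsts[sec] >= rst_per_sec:
                dropped.append((i, "rst_limit"))
                continue
            rsts[sec] += 1
        if flags == {"SYN"}:  # new connection attempt
            if conn_per_sec is not None and new_conns[sec] >= conn_per_sec:
                dropped.append((i, "conn_per_sec"))
                continue
            if conn_per_ip is not None and len(open_conns[src]) >= conn_per_ip:
                dropped.append((i, "conn_per_ip"))
                continue
            new_conns[sec] += 1
            open_conns[src].add(sport)
        elif flags & {"FIN", "RST"}:  # connection closed, free the slot
            open_conns[src].discard(sport)
    return dropped

# Constructed sample traffic: (time in seconds, source IP, source port, TCP flags)
SAMPLE = [
    (0.1, "198.51.100.7", 40001, {"SYN"}),
    (0.2, "198.51.100.7", 40002, {"SYN"}),
    (0.3, "198.51.100.7", 40003, {"SYN"}),         # third open connection, same IP
    (0.4, "203.0.113.9", 50001, {"SYN", "FIN"}),   # contradictory flags
    (0.5, "203.0.113.9", 50002, set()),            # no flags set
    (1.1, "192.0.2.4", 60001, {"RST"}),
    (1.2, "192.0.2.4", 60002, {"RST"}),            # second RST in the same second
    (2.1, "198.51.100.7", 40001, {"FIN", "ACK"}),  # closes one connection
    (2.2, "198.51.100.7", 40004, {"SYN"}),         # fits under the per-IP limit again
]
```

Calling apply_dos_rules(SAMPLE, conn_per_ip=2, rst_per_sec=1, check_bogus=True) reports the third connection from 198.51.100.7, both malformed packets and the second RST as dropped; the last SYN passes because the FIN freed a slot.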

In addition to these farm rules, there is a system rule called ssh_brute_force. It is preloaded and cannot be deleted. If enabled, it protects the system against SSH password brute-force attacks. It therefore cannot be applied to a given farm; instead, it is applied to the entire system.

 
