18
STEP 1
STEP 2
STEP 3
STEP 4
STEP 5
STEP 6
360
Click Security > Denial of Service Prevention > Security Suite Settings. The
Security Suite Settings displays.
CPU Protection Mechanism: Enabled indicates that SCT is enabled.
Click Details beside CPU Utilization to go to the CPU Utilization page and view
CPU resource utilization information.
Click Edit beside TCP SYN Protection to go to the SYN Protection page and
enable this feature.
Select DoS Prevention to enable the feature.
•
Disable—Disable the feature.
•
System-Level Prevention—Enable that part of the feature that prevents
attacks from Stacheldraht Distribution, Invasor Trojan, and Back Orifice
Trojan.
If System-Level Prevention or System-Level and Interface-Level Prevention is
selected, enable one or more of the following DoS Prevention options:
•
Stacheldraht Distribution—Discards TCP packets with source TCP port
equal to 16660.
•
Invasor Trojan—Discards TCP packets with destination TCP port equal to
2140 and source TCP port equal to 1024.
•
Back Orifice Trojan—Discards UDP packets with destination UDP port
equal to 31337 and source UDP port equal to 1024.
Click Apply. The Denial of Service prevention Security Suite settings are written to
the Running Configuration file.
•
If Interface-Level Prevention is selected, click the appropriate Edit button to
configure the desired prevention.
Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version)
Security
Denial of Service Prevention