Command Line Interface Reference Guide > The Configuration Menu > /cfg/security/dos Anomaly and Denial of Service Attack Prevention Menu
/cfg/security/dos
Anomaly and Denial of Service Attack Prevention Menu
 
[Protocol Anomaly and DoS Attack Prevention Menu]
ipttl - Set the smallest allowable IP ttl for ipttl
ipprot - Set the highest allowable IP protocol for ipprot
fragdata - Set the smallest allowable IP fragment payload for fragdata
fragoff - Set the smallest allowable IP fragment offset for fragoff
syndata - Set the largest allowable TCP SYN payload for syndata
icmpdata - Set the largest allowable ICMP payload for icmpdata
icmpoff - Set the largest allowable ICMP fragment offset for icmpoff
help - Protocol anomaly and DoS attack prevention description
cur - Display current protocol anomaly and DoS attack prevention
 
Anomaly and DoS Menu Options (/cfg/security/dos) 
Command Syntax and Usage
ipttl <IPv4 TTL, 0-255>
 
Sets the smallest allowable IP TTL for IPTTL.
ipprot <highest allowable IPv4 protocol [0-255]>
 
Set the highest allowable IP protocol for IP protection. For example:
Current highest allowable IPv4 protocol: 137
Enter new highest allowable IPv4 protocol [0-255]:
fragdata <IPv4 fragment payload size in bytes, 16-248>
 
Sets the smallest allowable IP fragment payload.
fragoff <IPv4 fragment offset in multiples of 8 bytes, 1-255>
 
Sets the smallest allowable IP fragment offset.
syndata <TCP packet payload size in bytes, 0-255>
 
Sets the largest allowable IP SYN payload.
icmpdata <ICMP packet payload size in bytes, 1-9026>
 
Sets the largest allowable ICMP payload.
icmpoff <ICMP fragment offset in multiples of 8 bytes, 1-8190>
 
Sets the largest allowable ICMP fragment offset.
help
 
Description of the anomaly and DoS attacks that are being prevented.
cur
 
Displays the current protocol anomaly and DoS attack prevention settings. For example:
Current protocol anomaly and DoS attack prevention settings:
ipttl 1, ipprot 137, fragdata 32, fragoff 4, syndata 0,
icmpdata 800, icmpoff 101