Allied-telesis AT-S62 Bedienungsanleitung Seite 213
- Seite / 862
- Inhaltsverzeichnis
- LESEZEICHEN
Bewertet. / 5. Basierend auf Kundenbewertungen
AT-S62 User’s Guide
Section II: Advanced Operations 213
Denial of Service Defense Overview
The AT-S62 management software can help protect your network
against the following types of Denial of Service attacks.
❑ SYN Flood Attack
❑ SMURF Attack
❑ Land Attack
❑ Teardrop Attack
❑ Ping of Death Attack
❑ IP Options Attack
The following subsections briefly describe each type of attack and the
mechanism employed by the AT-S62 management software to protect
your network.
Note
Be sure to read the following descriptions before implementing a
DoS defense on a switch. Some defense mechanisms are CPU
intensive and can impact switch behavior.
SYN Flood
Attack
In this type of attack, an attacker sends a large number of TCP
connection requests (TCP SYN packets) with bogus source addresses to
the victim. The victim responds with acknowledgements (SYN ACK
packets), but since the original source addresses are bogus, the victim
node does not receive any replies. If the attacker sends enough requests
in a short enough period, the victim may freeze operations when the
number of requests exceeds the capacity of its connections queue.
To defend against this form of attack, a switch port monitors the number
of ingress TCP connection requests it receives. If a port receives more
than 60 requests per second, the following occurs.
❑ The switch sends a SNMP trap to the management workstations
❑ The port discards all ingress TCP-SYN packets for one minute.
However, the port continues to allow existing TCP connections to
go through.
This defense mechanism does not involve the switch’s CPU. You can
activate it on as many ports as you want without it impacting switch
performance.
- User’s Guide 1
- Section II 5
- Section III 6
- Section IV 7
- Section V 8
- Section VI 9
- Section VII 9
- Table of Contents 10
- Web Browser Management 11
- Section VIII 11
- List of Figures 16
- How This Guide is Organized 25
- Document Conventions 27
- Contacting Allied Telesyn 29
- Management Software Updates 30
- Overview 31
- Management Overview 32
- Local Management Session 34
- Telnet Management Session 35
- Chapter 1: Overview 36
- SNMP Management Session 37
- Management Access Levels 38
- Basic Operations 39
- Starting a Local or Telnet 40
- Management Session 40
- Starting a Local 42
- Enhanced 44
- Stacking 44
- Quitting a Local 44
- Quitting a 46
- Saving Your Parameter Changes 47
- Enhanced Stacking 48
- Enhanced Stacking Overview 49
- Chapter 3: Enhanced Stacking 50
- RS-232 TERMINAL PORT 51
- IP Address 51
- Returning to 55
- Basic Switch Parameters 56
- How Do You 58
- Assign an IP 58
- Address? 58
- Setting the System Time 67
- D - Disabled) -> 69
- -> 600 70
- Configuring the Console Timer 72
- ° Celsius 80
- ° to 90° Celsius 80
- SNMPv1 and SNMPv2c Overview 82
- Default SNMP 84
- Enter SNMP Manager IP Addr: 88
- Enter Trap Receiver IP Addr: 88
- Enter SNMP Community Name: 90
- Displaying Port Status 95
- Flow Ctl 97
- Chapter 6: Port Parameters 100
- 5 - Speed .............. 0100 101
- 6 - Duplex ............. Full 101
- AT-S62 User’s Guide 103
- Setting the Rate Limit 107
- MAC Address Table 109
- MAC Address Overview 110
- Displaying MAC Addresses 112
- Chapter 7: MAC Address Table 114
- XXXXXXXXXXXX or XXXXXX XXXXXX 116
- Enter port-list: -> 116
- Changing the Aging Time 120
- Port Trunking 121
- Port Trunking Overview 122
- Port Operating 123
- Specifications 123
- Distribution 123
- Chapter 8: Port Trunking 124
- Creating a Port Trunk 129
- Create Trunk 130
- Modifying a Port Trunk 132
- Modify Trunk 133
- Deleting a Port Trunk 135
- Port Mirroring 136
- Port Mirroring Overview 137
- Creating a Port Mirror 138
- Deleting a Port Mirror 140
- Ethernet Statistics 141
- Displaying Port Statistics 142
- Clearing Port Counters 144
- Advanced Operations 145
- File System 146
- File System Overview 147
- File Naming 148
- Conventions 148
- Creating a Boot 149
- Configuration 149
- Chapter 11: File System 150
- Enter the file name: 151
- Setting the 152
- Active Boot 152
- Viewing a Boot 153
- Editing a Boot 154
- Troubleshoot 155
- Enter the source file name: 156
- Please wait 156
- Press any key 156
- Displaying System Files 158
- File Downloads and Uploads 160
- Return to Previous Menu 162
- [Yes/No] 168
- Downloading a System File 171
- Downloading a 172
- System File 172
- Management 172
- Uploading a System File 177
- Uploading a 178
- Event Log 182
- Event Log Overview 183
- Chapter 13: Event Log 184
- Displaying Events 185
- Saving the Event Log 189
- Clearing the Event Log 190
- Quality of Service 191
- Quality of Service Overview 192
- Configuring CoS 196
- Configuring Egress Scheduling 201
- IGMP Snooping 203
- IGMP Snooping Overview 204
- Activating IGMP Snooping 206
- Chapter 15: IGMP Snooping 208
- Denial of Service Defense 212
- SYN Flood 213
- Ping of Death 216
- IP Options 217
- Denial of 217
- Service Defense 217
- Guidelines 217
- SNMPv3 Operations 221
- SNMPv3 Configuration 222
- SNMPv3 Overview 223
- Authentication 224
- Protocols 224
- SNMPv3 Privacy 225
- Protocol 225
- SNMPv3 MIB 225
- SNMPv3 Storage 226
- Notification 226
- SNMPv3 User Table 228
- SNMPv3 View Table 228
- SNMPv3 Access Table 228
- Creating an 234
- SNMPv3 User 234
- Table Entry 234
- Enter User (Security) Name: 236
- N-None]: 236
- Enter Privacy Password: 237
- [Yes/No]-> 238
- SNMPv3 View 244
- Deleting an 247
- Modifying an 248
- Enter View Name: 250
- 1.3.6.1.2.1.6 250
- SNMPv3 Access 253
- P-AuthPriv]: 255
- Enter Read View Name: 256
- Enter Write View Name: 256
- Enter Notify View Name: 256
- A-AuthNoPriv, P-AuthPriv]: 258
- Enter Group Name: 262
- SecurityToGroup 268
- Table Entr 272
- SNMPv3 Notify 276
- Enter Notify Name: 281
- SNMPv3 Target 284
- Address Table 284
- Enter Target Address Name: 289
- Enter IP Address: 289
- Enter Tag List: 292
- Enter Target Parameters: 293
- Parameters 297
- Enter Target Parameters Name: 298
- Community 310
- Enter Security Name: 312
- Enter Transport Tag: 312
- Enter Community Index: 316
- Displaying SNMPv3 Table Menus 319
- Displaying the 321
- Display SNMPv3 321
- View Table 321
- Access Table 322
- Notify Table 324
- Target Address 325
- Table Menu 325
- Spanning Tree Protocols 328
- Spanning Tree and Rapid 329
- STP and RSTP Overview 330
- Bridge Priority 331
- Chapter 18: STP and RSTP 332
- Edge Port 337
- Mixed STP and 338
- RSTP Network 338
- Spanning Tree 338
- Configuring STP 342
- Port Settings 344
- Displaying STP 346
- Configuring RSTP 347
- Configuring 349
- RSTP Port 349
- Settings 349
- Displaying Port 351
- RSTP Status 351
- Chapter 19 352
- MSTP Overview 353
- Multiple 354
- Instance (MSTI) 354
- AT- 8524M 355
- VLAN and MSTI 358
- Associations 358
- AT-8524M 360
- Summary of 363
- AT-8524M AT-8524M 367
- Configuring the CIST Priority 372
- 4096]: [0 to 15] -> 373
- Associating VLANs to MSTI IDs 377
- Associating a 378
- VLAN to an 378
- Enter the list of VLANs: 379
- Virtual LANs 384
- Chapter 20 385
- VLAN Overview 386
- Section V: Virtual LANs 387 387
- Port-based VLAN Overview 388
- Section V: Virtual LANs 389 389
- Section V: Virtual LANs 390 390
- Port-based 391
- Example 1 391
- Section V: Virtual LANs 392 392
- Example 2 393
- Section V: Virtual LANs 394 394
- Tagged VLAN Overview 395
- Section V: Virtual LANs 396 396
- General Rules 397
- Tagged VLAN 397
- Section V: Virtual LANs 399 399
- Section V: Virtual LANs 400 400
- Section V: Virtual LANs 401 401
- Section V: Virtual LANs 402 402
- Section V: Virtual LANs 403 403
- Section V: Virtual LANs 404 404
- Section V: Virtual LANs 405 405
- Modifying a VLAN 406
- Section V: Virtual LANs 407 407
- Press any key to continue 408
- Section V: Virtual LANs 409 409
- Displaying VLANs 410
- Deleting a VLAN 411
- Section V: Virtual LANs 412 412
- Section V: Virtual LANs 413 413
- Deleting All VLANs 414
- Section V: Virtual LANs 415 415
- Section V: Virtual LANs 416 416
- Disable) -> 417
- Specifying a Management VLAN 418
- Press any key to continue 419
- Chapter 21 420
- Section V: Virtual LANs 421 421
- Section V: Virtual LANs 423 423
- GVRP and 424
- Security 424
- GVRP-inactive 425
- Intermediate 425
- Switches 425
- Protocol (GARP) 426
- Section V: Virtual LANs 427 427
- Section V: Virtual LANs 428 428
- Section V: Virtual LANs 429 429
- Configuring GVRP 430
- > 1000 431
- Section V: Virtual LANs 432 432
- Section V: Virtual LANs 433 433
- Your changes are saved 434
- Section V: Virtual LANs 435 435
- Section V: Virtual LANs 436 436
- Section V: Virtual LANs 437 437
- Section V: Virtual LANs 438 438
- Section V: Virtual LANs 439 439
- Section V: Virtual LANs 440 440
- Section V: Virtual LANs 441 441
- GIP Connected 442
- Ports Ring 442
- GVRP State 443
- Section V: Virtual LANs 444 444
- Section V: Virtual LANs 445 445
- Multiple VLAN Modes 446
- Multiple VLAN Mode Overview 447
- Section V: Virtual LANs 448 448
- Non-802.1Q 449
- Compliant 449
- Multiple VLAN 449
- Section V: Virtual LANs 450 450
- Selecting a VLAN Mode 451
- Displaying VLAN Information 452
- Port Security 453
- MAC Address Security 454
- MAC Address Security Overview 455
- Section VI: Port Security 456 456
- Section VI: Port Security 457 457
- Section VI: Port Security 458 458
- Section VI: Port Security 459 459
- Disable): 460
- Section VI: Port Security 461 461
- Section VI: Port Security 462 462
- Chapter 24 463
- Section VI: Port Security 464 464
- Section VI: Port Security 466 466
- Fast Ethernet Switch 467
- Accounting 468
- Section VI: Port Security 469 469
- Access Control 470
- Section VI: Port Security 471 471
- Section VI: Port Security 472 472
- Section VI: Port Security 473 473
- Setting Port Roles 474
- Section VI: Port Security 475 475
- Section VI: Port Security 476 476
- Section VI: Port Security 477 477
- Section VI: Port Security 478 478
- Section VI: Port Security 479 479
- Section VI: Port Security 480 480
- Section VI: Port Security 481 481
- Section VI: Port Security 482 482
- Configuring RADIUS Accounting 483
- Section VI: Port Security 484 484
- Management Security 485
- Web Server 486
- Web Server Overview 487
- General Steps to 488
- Configuring the 488
- Web Server for 488
- Encryption 488
- Configuring the Web Server 490
- [1 to 2] -> 491
- Enter SSL Key ID -> 491
- Encryption Keys 492
- Basic Overview 493
- Encryption Key 494
- Technical Overview 495
- Chapter 26: Encryption Keys 496
- Key Exchange 498
- Algorithms 498
- Creating an Encryption Key 500
- Enter new Description -> 503
- Deleting an Encryption Key 504
- Modifying an Encryption Key 505
- Exporting an Encryption Key 506
- Importing an Encryption Key 508
- Public Key Infrastructure 510
- Certificates 510
- Distinguished 512
- Verification 517
- Signatures 519
- Elements of a 520
- Public Key 520
- Infrastructure 520
- Certificate 521
- Validation 521
- Revocation Lists 522
- Implementation 522
- Switch 12 - sw12.cer 529
- Modifying a Certificate 531
- Deleting a Certificate 533
- Viewing a Certificate 534
- ...Done 539
- 12.csr] 539
- Configuring PKI 541
- Configuring SSL 542
- Secure Shell (SSH) Protocol 543
- SSH Overview 544
- Configuring the SSH Server 548
- Displaying SSH Information 550
- RADIUS and TACACS+ 552
- Authentication Protocols 552
- TACACS+ and RADIUS Overview 553
- Disabled) -> 559
- Displaying 562
- RADIUS Status 562
- Chapter 30 563
- Parts of a 564
- ACL Guidelines 565
- ACL Examples 566
- Creating the Management ACL 568
- Starting a Web Browser 573
- Switch’s IP Address 574
- Chapter 32: Enhanced Stacking 580
- Displaying System Information 590
- Rebooting a Switch 594
- Pinging a Remote System 595
- SNMPv1 and SNMPv2c 598
- Community Strings 598
- Modifying a Community String 604
- Deleting a Community String 606
- Port Parameters 609
- Configuring Port Parameters 610
- Chapter 35: Port Parameters 612
- Chapter 36:MAC Address Table 622
- Chapter 37: Port Trunking 630
- Displaying the Port Trunks 635
- The ports of the trunk 636
- Chapter 38: Port Mirroring 640
- Displaying the Port Mirror 643
- Downloading a File 645
- Uploading a File 648
- Chapter 40: Event Log 652
- Displaying the CoS Settings 664
- Displaying QoS Scheduling 666
- Configuring IGMP Snooping 668
- Chapter 42: IGMP Snooping 670
- Displaying the DoS Settings 677
- SNMPv3 Protocol 678
- AT-S62 User’s Guide 679
- Enabling the SNMP Protocol 680
- Changes 682
- Creating a User 683
- Chapter 44: SNMPv3 Protocol 684
- Deleting a User 686
- Modifying a 686
- User Table 686
- Creating a View 690
- Deleting a View 693
- Creating a 703
- Deleting a 705
- Modifying 717
- Displaying SNMPv3 Tables 733
- Displaying User 734
- Table Entries 734
- Displaying View 735
- STP, RSTP, and MSTP 742
- 7. Click Apply 744
- Configuring MSTP 752
- Associating 755
- VLANs to MSTIs 755
- MSTP Port 758
- Chapter 46: Virtual LANs 762
- 6. Click Apply 772
- Chapter 47 775
- Displaying the GVRP Settings 780
- Chapter 49 785
- 4. Click Apply 792
- Changes on page 577 792
- Secure Shell Protocol 797
- Encryption Keys, PKI, and SSL 802
- Displaying Encryption Keys 803
- Displaying the SSL Settings 807
- Chapter 53 815
- Creating a Management ACL 816
- Adding or Deleting an ACE 818
- Displaying the Management ACL 819
- AT-S62 Default Settings 820
- Basic Switch Default Settings 821
- RS-232 Port 822
- Default Settings 822
- SNTP Default 822
- Switch State Slave 824
- SNMP Default Settings 825
- Event Log Default Settings 827
- MSTP Default 832
- VLAN Default Settings 833
- GVRP Default Settings 834
- Web Server Default Settings 837
- SSL Default Settings 838
- PKI Default Settings 839
- SSH Default Settings 840
- Control List 842
- Status Disabled 842
- SNMPv3 Configuration Examples 843
- Operator 845
- Worksheet 846
Verwandte Produkte und Handbücher für Computerhardware Allied-telesis AT-S62
(26 Seiten)© 2020, manymanuals.de. Alle Rechte vorbehalten. | 0.332 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Kommentare zu diesen Handbüchern