您好,欢迎到访bingge的博客! 登录后台 查看权限

How does DoS protection work

教程 bingge 2017-03-09 691 次浏览 个评论

A “denial-of-server” attack is an explicit attempt to deny legitimate users from using a service or computer resource.

DoS/DDoS attempts to reach below three goals to make victim/system/server fail to provide service.

1. Make victim/system too busy to provide service

2. Occupy LAN bandwidth of victim/system

3. Occupy WAN bandwidth of victim/system

 

Enable DoS protection feature can filter suspicious or unreasonable packets to prevent from flooding the network with large amounts of fake traffic.

a2940849-297a-4c63-ac34-003de79ce602.gif

ASUS router uses following methods to detect suspicious attack.

 

1. SYN-Flooding Protection : Only allow one TCP/SYN packet to pass per second.

2. Port Scanner Protection : Protect router from port scanning via external port scan tool

3. Ping of Death : Only allow one ICMP packet(type 8) to pass per second or drop the length of ICMP packet over 65535.

 

Even if this feature can protect it from suspicious packets pass, the home network still have chance to be paralyzed by DDoS bonnet attack due to bandwidth can't effort massive packetsDoS protection can help system to be restored after paralyzing by DDoS attacks and at least keep LAN to LAN service working if system is not overloading.


本文来自 AsusSmart Router Blog 转载请注明;

本文地址:http://www.asussmart.com/smart/457.html