IPDS | DoS | Update

POSTED ON 2 October, 2017

This section shows the DoS protection rules available organized in two tabs Global and Farms. Keep in mind that every change in this section has to be applied clicking on the Update button.

Global Settings DoS Rules

The Global Settings for every type of DoS rule depends on the type of the rule itself. See below the different options.

Name. By default the name of the DoS rule.
Type. The type of the rule, either System or Farm.
Rule. Which kind of rule of all defined ones.

SSH Brute Force

zevenet ipds dos rules ssh brute force

Some settings in regards to the SSH brute force rule are:

Port. It can’t be changed and it’ll be gathered from the SSH service configuration.
Hits. Number of incorrect logins attempts before blocking an IP source address.
Time. Amount of time in seconds that a certain IP address will be blocked if the number of hits is reached.

Connection limit per second

zevenet ipds dos rules connection limit per second

Some settings in regards to the connection limit per second rule are:

Total connections per source IP. Number of connections allowed in a certain time slot per client or source IP address. This option acts like a soft limit.
Limit Burst. Number of allowed connections per source IP address before the limit of 1 per second blocking. This option acts like a hard limit.

Total connections limit per source IP

zevenet ipds dos rules connection limit per source IP

Total connections limit per source IP. Number of total connections allowed per client or source IP address.

Check bogus TCP flags

No global settings available for this rule.

Limit RST request per second

zevenet ipds dos rules limit rst per second

Limit RST request per source IP. Number of RST packets allowed per client or source IP address. This option acts like a soft limit.
Limit Burst. Number of allowed RST packets per source IP address before the limit of 1 per second blocking. This option acts like a hard limit.

Farms DoS Rules Settings

This section allows to assign farms to the DoS rules defined, through the Farms tab when updating a rule.

The available actions in this section are:

  • Add Farm. Add a new farm service in a given DoS rule. When assigning a new farm, a combo list of all the configured farms will be shown, either they’re running or not.
    zevenet ipds dos rules assign farm
  • Unset. Deallocate a farm service to a certain DoS rule and stop applying the rule to a given farm service.

The actions are applied one by one, or by a group of farms services through the multiple selector.

Share on:

Documentation under the terms of the GNU Free Documentation License.

Was this article helpful?

Related Articles