The DoS or Denial of Service section within the IPDS module permits to configure and set protection rules at System or Farm service level.
The System rules are preloaded but the Farm rules should be configured by the administrator. This section shows the available lists:
NAME. Rule name identification. Click on it to enter to the editing form.
RULE. It’s the type of the rule. The different options will be:
- sshbruteforce. Protect the system against the SSH password bruteforce.
- limitsec: Connection limit per second. Protect the farm service limiting the number of connections per second accessing to the service.
- limitconns: Total connections limit per source IP. Protect the farm service limiting the number of connections per source IP accessing to the service.
- bogustcpflags: Check bogus TCP flags. Protect the farm service from bogus TCP flags packets.
- limitrst: Limit RST request per second. Protect the farm service of RST requests for TCP connections by limiting the RST packets per seconds accepted.
TYPE. System for global system rules and Farm for rules to be defined dedicated to certain farm services.
FARMS. The Farms to which the rule is applied. This field may be expanded using the small icon (little arrows) at the right side of the FARMS column header. By default is limited to 20 characters. If the list of farms is longer it is possible some of them are hided. Use that small icon to expand the view.
STATUS. Farm status are represented by the following status color codes:
- Green: Means ENABLED. The rule is actually being used.
- Red: Means DISABLED. The rule is not enabled, thus it is not having any effect on the farm.
ACTIONS. Allowed actions for the status of the DoS rules:
- Edit. To modify the rule global settings or assign a farm service if needed.
- Delete. Remove a created farm service rule.
- Enable. To activate a system rule.
- Disable. To deactivate a system rule.
- Create DoS rule. Create a new rule to be assigned to certain farm services.
Check out the video tutorial about DoS and test case.
Next step, create a custom DoS rule.