Book Image

Untangle Network Security

By : Abd El Monem A Mohamed El Bawab
Book Image

Untangle Network Security

By: Abd El Monem A Mohamed El Bawab

Overview of this book

Table of Contents (21 chapters)
Untangle Network Security
Credits
About the Author
About the Reviewers
www.PacktPub.com
Preface
Index

Protecting against DoS attacks


DoS attacks are done by initiating as many sessions as possible on the victim server as an attempt to make this server unresponsive or unavailable. Untangle Shield (previously known as Attack Blocker) is used to protect Untangle NGFW and the network against DoS attacks.

Managing the shield

The Shield (located under Config | System | Shield) monitors the clients' session creation rate. Every time a client initiates a session, the Shield will calculate the session creation rate of that client. If this rate is considered to be too high, the Shield will refuse any additional sessions from that client.

Note

The Shield is enabled by default and should not be disabled unless for troubleshooting.

The Shield runs during session initialization, and it only monitors the session creation rate. The Shield is not able to see or scan the session traffic.

The default session creation rate limit is one user (which is a reasonable number of sessions that can be created by a single...