Security
Denial of Service Prevention
343 Cisco Small Business 300 Series Managed Switch Administration Guide
17
STEP 1 Click Security > Denial of Service Prevention > Security Suite Settings. The
Security Suite Settings displays.
CPU Protection Mechanism: Enabled indicates that SCT is enabled.
STEP 2 Click Details beside CPU Utilization to go to the CPU Utilization page and view
CPU resource utilization information.
STEP 3 Click Edit beside TCP SYN Protection to go to the SYN Protection page and
enable this feature.
STEP 4 Select DoS Prevention to enable the feature.
• Disable—Disable the feature.
• System-Level Prevention—Enable that part of the feature that prevents
attacks from Stacheldraht Distribution, Invasor Trojan, and Back Orifice
Trojan.
STEP 5 If System-Level Prevention or System-Level and Interface-Level Prevention is
selected, enable one or more of the following DoS Prevention options:
• Stacheldraht Distribution—Discards TCP packets with source TCP port
equal to 16660.
• Invasor Trojan—Discards TCP packets with destination TCP port equal to
2140 and source TCP port equal to 1024.
• Back Orifice Trojan—Discards UDP packets with destination UDP port
equal to 31337 and source UDP port equal to 1024.
STEP 6 Click Apply. The Denial of Service prevention Security Suite settings are written to
the Running Configuration file.
• If Interface-Level Prevention is selected, click the appropriate Edit button to
configure the desired prevention.
