The main tasks you
will do here are opening and closing ports and protocols.
Table 11.3 Flood Mitigation Options

| Potential Flood Attacks | Description |
|---|---|
| Maximum TCP connect requests per minute per IP address | This setting defines how many SYN packets a host can send per minute. |
| Maximum concurrent TCP connections per IP address | This defines the maximum number of TCP connections a host can have open at once. |
| Maximum half-open TCP connections | This defines the maximum number of TCP connections that have gone halfway through the TCP three-way handshake (in other words the offending host has sent a SYN packet and the destination host has replied with a SYN-ACK packet) a host can have open at once. |
| Maximum HTTP requests per minute per IP address | This setting defines how many HTTP requests a host can send per minute. |
| Maximum new non-TCP sessions per minute per rule | This setting defines how many sessions that are not TCP-based a host can initiate per minute even if they are allowed by a rule. |
| Maximum concurrent UDP sessions per IP address | This defines the maximum number of UDP connections a host can have open at once. |
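An added sketch (not from the book and not ISA Server code) of how two of the limits in Table 11.3 differ in practice: the connect-request limit counts SYN packets in a one-minute window, while the half-open limit counts handshakes that were never completed. The thresholds, the names `FloodTracker`, `sample_events` and `run`, and the traffic are all constructed for illustration.

```python
from collections import defaultdict, deque

WINDOW = 60.0  # seconds: the "per minute" in the table

class FloodTracker:
    """Per-source-IP counters for two limits: SYNs per minute and half-open connections."""
    def __init__(self, max_syn=5, max_half_open=3):  # constructed limits, not ISA defaults
        self.max_syn, self.max_half_open = max_syn, max_half_open
        self.syn_times = defaultdict(deque)  # src -> timestamps of SYNs in the last minute
        self.half_open = defaultdict(set)    # src -> handshakes still waiting for the ACK

    def observe(self, ts, src, sport, dst, dport, flag):
        """Return the limits this event pushes src over (empty list if none)."""
        conn, over = (sport, dst, dport), []
        if flag == "SYN":
            recent = self.syn_times[src]
            recent.append(ts)
            while ts - recent[0] >= WINDOW:   # slide the one-minute window
                recent.popleft()
            self.half_open[src].add(conn)     # assumes the destination answered SYN-ACK
            if len(recent) > self.max_syn:
                over.append("connect-rate")
            if len(self.half_open[src]) > self.max_half_open:
                over.append("half-open")
        elif flag in ("ACK", "RST"):          # handshake completed or torn down
            self.half_open[src].discard(conn)
        return over

def sample_events():
    """Constructed traffic as (time, src, sport, dst, dport, flag) tuples."""
    ev, dst = [], "198.51.100.5"
    for i in range(4):   # host .10: four SYNs, handshake never completed
        ev.append((float(i), "192.0.2.10", 40000 + i, dst, 80, "SYN"))
    for i in range(7):   # host .20: seven complete handshakes within 13 seconds
        ev.append((2.0 * i, "192.0.2.20", 41000 + i, dst, 80, "SYN"))
        ev.append((2.0 * i + 0.5, "192.0.2.20", 41000 + i, dst, 80, "ACK"))
    for i in range(6):   # host .30: six complete handshakes, 50 seconds apart
        ev.append((50.0 * i, "192.0.2.30", 42000 + i, dst, 80, "SYN"))
        ev.append((50.0 * i + 0.5, "192.0.2.30", 42000 + i, dst, 80, "ACK"))
    return sorted(ev, key=lambda e: e[0])

def run(events, **limits):
    """Replay events and return {src: sorted list of limits it exceeded}."""
    tracker, flagged = FloodTracker(**limits), defaultdict(set)
    for ev in events:
        flagged[ev[1]].update(tracker.observe(*ev))
    return {src: sorted(hit) for src, hit in flagged.items() if hit}

if __name__ == "__main__":
    print(run(sample_events()))
```

The host that never completes its handshakes trips only the half-open limit, and the host that completes many handshakes quickly trips only the connect-request limit, which is why the two settings are configured separately.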
404 Chapter 11 • Configuring Microsoft Internet Security and Acceleration Server 2006
The first thing you need to know when dealing with any firewall is whether the
firewall uses a first match or last match rule processing engine. ISA Firewall uses a last
match rule policy, and comes with a last rule that blocks all traffic.