Denial of Service Properties

This topic describes the Denial of Service (DoS) properties displayed in the Security Properties window of Management Console.

Certain DoS attacks are carried out by sending very large requests. To block requests that are larger than a given size, the following DoS properties can be added to Management Console:

| Property | Default Value | Description |
|---|---|---|
| security.dos.default.requestLength | 15360 Kilobytes | The maximum size of a request that can be received from any user. Requests sent by any user will be blocked if they exceed this size. This value must be specified in KB. |
| security.dos.<user ID>.requestLength | not applicable | The maximum size of a request that can be received from a particular authenticated user. This value must be specified in KB. This value is given priority over the value of the security.dos.default.requestLength property. |


A DoS attack may involve a single user sending multiple requests within a short span, blocking the network. To limit the number of requests accepted from any user within a given duration, the DoS properties described in the following table can be added to Management Console:

| Property | Default Value | Description |
|---|---|---|
| security.dos.watchInterval | 1000 ms | The duration within which a certain number of requests can be received from any user. The duration must be specified in milliseconds. |
| security.dos.default.numRequest | 100 | The maximum number of requests that can be received from any user within the duration specified in the security.dos.watchInterval property. |
| security.dos.ClearPeriod | 300000 ms | The duration for which a user must be blocked if the requests from the user exceed the given number within the given duration. The duration must be specified in milliseconds. This value is also the interval, in milliseconds, at which blocks are cleared, so the actual blocked time is between this value and two times this value. |
| security.dos.<user ID>.numRequest | not applicable | The maximum number of requests that can be received from a particular authenticated user within the duration specified in the security.dos.watchInterval property. This value is given priority over the value of the security.dos.default.numRequest property. |
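
The following Python model is an added example, not the product's code: it shows how the per-user properties override the defaults and why a block lasts between one and two times security.dos.ClearPeriod. The fixed watch window, the clearing sweep running at every multiple of ClearPeriod, and the user ID alice used when calling it are assumptions made for illustration.

```python
# Added model of the documented properties; not the product's implementation.
DEFAULTS = {
    "security.dos.default.requestLength": 15360,  # KB
    "security.dos.watchInterval": 1000,           # ms
    "security.dos.default.numRequest": 100,
    "security.dos.ClearPeriod": 300000,           # ms
}

class DosGuard:
    def __init__(self, props=None):
        self.props = {**DEFAULTS, **(props or {})}
        self.window = {}   # user -> (window start in ms, request count)
        self.blocked = {}  # user -> time the block began, in ms

    def limit(self, user, name):
        # security.dos.<user ID>.<name> takes priority over the default.
        return self.props.get(f"security.dos.{user}.{name}",
                              self.props[f"security.dos.default.{name}"])

    def release_time(self, blocked_at):
        # Assumption: a sweep runs at every multiple of ClearPeriod and lifts
        # blocks that are at least ClearPeriod old, so a block lasts between
        # ClearPeriod and 2 * ClearPeriod.
        period = self.props["security.dos.ClearPeriod"]
        return -(-(blocked_at + period) // period) * period  # round up to a sweep

    def allow(self, user, now_ms, size_kb):
        if user in self.blocked:
            if now_ms < self.release_time(self.blocked[user]):
                return False  # still blocked
            del self.blocked[user]
            self.window.pop(user, None)
        if size_kb > self.limit(user, "requestLength"):
            return False  # oversized request is rejected
        start, count = self.window.get(user, (now_ms, 0))
        if now_ms - start >= self.props["security.dos.watchInterval"]:
            start, count = now_ms, 0  # a new watch interval begins
        count += 1
        self.window[user] = (start, count)
        if count > self.limit(user, "numRequest"):
            self.blocked[user] = now_ms  # too many requests in the interval
            return False
        return True
```

With the default ClearPeriod of 300000 ms, a user blocked at 100003 ms is released by the sweep at 600000 ms in this model, which is a blocked time of just under two clear periods.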