Packet dropped UDP/ICMP flood protection

UDP and ICMP Flood Attacks are a type of denial-of-service (DoS) attack.They are initiated by sending a large number of UDP or ICMP packets to a remote host.

As a result, the victimized system’s resources will be consumed with handling the attacking packets, which eventually causes the system to be unreachable by other clients.

The image below shows an example of UDP flood protection packet dropped:

Below shows a Possible UDP flood attack detected message:

Resolution for SonicOS 7.X

This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.

•  In Flood Protection | UDP Tab | Uncheck "Enable UDP Flood Protection".  
  
  
  

  The same Logic can be applied for the ICMP flood protection:

• 
  

   In Flood Protection | ICMP Tab | Uncheck "Enable ICMP Flood Protection".
              

Resolution for SonicOS 6.5

This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.

If the traffic detected is legitimate or a false positive, as part of a troubleshooting process or solution of the issue it’s possible to disable the UDP flood protection as shown below:

•  In Flood Protection | UDP Tab | Uncheck "Enable UDP Flood Protection".
         
  The same Logic can be applied for the ICMP flood protection:
• In Flood Protection | ICMP Tab | Uncheck "Enable ICMP Flood Protection".