Discuss this help topic in SecureBlackbox Forum
Specifies whether to use client verification.
Declaration
Description
If this property is set to
True, DTLS server will verify the client which is trying to connect to it.
When the client sends its
ClientHello message to the server, the server may respond with a
HelloVerifyRequest message.
This message contains a stateless cookie which includes client's ID. The client must retransmit the
ClientHello with the cookie added.
The server then verifies the cookie and proceeds with the handshake only if it is valid.
Such mechanism provides a possibility to deny DoS attacks from false IP addresses, however it does not provide any defense against DoS attacks mounted from valid IP addresses.