D-Link DFL-80 User Manual - Page 27

Filter IP Source Route Option

Get D-Link DFL-80 PDF manuals and user guides View all D-Link DFL-80 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 27 highlights

! Detect UDP Flood: Select this option to detect UDP flood attacks. A UDP flood attack is similar to an ICMP flood attack. After enabling this function, the System Administrator can enter the number of UDP packets per second that is allow to enter the network/firewall. Once the UDP packets exceed this limit, the activity will be logged in Alarm and an email alert is sent to the Administrator. The default UDP flood threshold is set to 1000 Pkts/Sec . ! Detect Ping of Death Attack: Select this option to detect the attacks of tremendous trash data in PING packets that hackers send to cause System malfunction This attack can cause network speed to slow down, or even make it necessary to restart the computer to get a normal operation. ! Detect Tear Drop Attack: Select this option to detect tear drop attacks. These are packets that are segmented to small packets with negative length. Some Systems treat the negative value as a very large number, and copy enormous data into the System to cause System damage, such as a shut down or a restart. ! Detect IP Spoofing Attack: Select this option to detect spoof attacks. Hackers disguise themselves as trusted users of the network in Spoof attacks. They use a fake identity to try to pass through the Firewall System and invade the network. ! Filter IP Source Route Option: Each IP packet can carry an optional field that specifies the replying address that can be different from the source address specified in packet's header. Hackers can use this address field on disguised packets to invade internal networks and send internal networks' data back to them. ! Detect Port Scan Attack: Select this option to detect the port scans hackers use to continuously scan networks on the Internet to detect computers and vulnerable ports that are opened by those computers. ! Detect Land Attack: Some Systems may shut down when receiving packets with the same source and destination addresses, the same source port and destination port, and when SYN on the TCP header is marked. Enable this function to detect such abnormal packets. ! Default Packet Deny: Denies all packets from passing the Firewall. A packet can pass only when there is a policy that allows it to pass. After enabling the needed detect functions, click OK to activate the changes. 27

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
27
!
Detect UDP Flood
: Select this option to detect UDP flood attacks.
A
UDP flood attack is similar to an ICMP flood attack.
After enabling this
function, the System Administrator can enter the number of UDP packets
per second that is allow to enter the network/firewall.
Once the UDP
packets exceed this limit, the activity will be logged in
Alarm
and an
email alert is sent to the Administrator.
The default UDP flood threshold
is set to 1000 Pkts/Sec .
!
Detect Ping of Death Attack:
Select this option to detect the attacks of
tremendous trash data in PING packets that hackers send to cause
System malfunction This attack can cause network speed to slow down,
or even make it necessary to restart the computer to get a normal
operation.
!
Detect Tear Drop Attack:
Select this option to detect tear drop attacks.
These are packets that are segmented to small packets with negative
length.
Some Systems treat the negative value as a very large number,
and copy enormous data into the System to cause System damage,
such as a shut down or a restart.
!
Detect IP Spoofing Attack:
Select this option to detect spoof attacks.
Hackers disguise themselves as trusted users of the network in
Spoof
attacks
.
They use a fake identity to try to pass through the Firewall
System and invade the network.
!
Filter IP Source Route Option:
Each IP packet can carry an optional
field that specifies the replying address that can be different from the
source address specified in packet’s header. Hackers can use this
address field on disguised packets to invade internal networks and send
internal networks’ data back to them.
!
Detect Port Scan Attack:
Select this option to detect the port scans
hackers use to continuously scan networks on the Internet to detect
computers and vulnerable ports that are opened by those computers.
!
Detect Land Attack:
Some Systems may shut down when receiving
packets with the same source and destination addresses, the same
source port and destination port, and when
SYN
on the TCP header is
marked.
Enable this function to detect such abnormal packets.
!
Default Packet Deny:
Denies all packets from passing the Firewall. A
packet can pass only when there is a policy that allows it to pass.
After enabling the needed detect functions, click
OK
to activate the changes.