D-Link DFL-80 User Manual - Page 27
Filter IP Source Route Option
View all D-Link DFL-80 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 27 highlights
! Detect UDP Flood: Select this option to detect UDP flood attacks. A UDP flood attack is similar to an ICMP flood attack. After enabling this function, the System Administrator can enter the number of UDP packets per second that is allow to enter the network/firewall. Once the UDP packets exceed this limit, the activity will be logged in Alarm and an email alert is sent to the Administrator. The default UDP flood threshold is set to 1000 Pkts/Sec . ! Detect Ping of Death Attack: Select this option to detect the attacks of tremendous trash data in PING packets that hackers send to cause System malfunction This attack can cause network speed to slow down, or even make it necessary to restart the computer to get a normal operation. ! Detect Tear Drop Attack: Select this option to detect tear drop attacks. These are packets that are segmented to small packets with negative length. Some Systems treat the negative value as a very large number, and copy enormous data into the System to cause System damage, such as a shut down or a restart. ! Detect IP Spoofing Attack: Select this option to detect spoof attacks. Hackers disguise themselves as trusted users of the network in Spoof attacks. They use a fake identity to try to pass through the Firewall System and invade the network. ! Filter IP Source Route Option: Each IP packet can carry an optional field that specifies the replying address that can be different from the source address specified in packet's header. Hackers can use this address field on disguised packets to invade internal networks and send internal networks' data back to them. ! Detect Port Scan Attack: Select this option to detect the port scans hackers use to continuously scan networks on the Internet to detect computers and vulnerable ports that are opened by those computers. ! Detect Land Attack: Some Systems may shut down when receiving packets with the same source and destination addresses, the same source port and destination port, and when SYN on the TCP header is marked. Enable this function to detect such abnormal packets. ! Default Packet Deny: Denies all packets from passing the Firewall. A packet can pass only when there is a policy that allows it to pass. After enabling the needed detect functions, click OK to activate the changes. 27