D-Link DFL-800-AV-12 User Manual - Page 139
Chapter 6. Security Mechanisms

ALGs and Syn Flood Protection

It should be noted that user-defined custom Service objects have the option to enable Syn Flood Protection, a feature which specifically targets Syn Flood attacks. If this option is enabled for a Service object then any ALG associated with that Service will not be used.

6.2.2. HTTP

Hyper Text Transfer Protocol (HTTP) is the primary protocol used to access the World Wide Web (WWW). It is a connectionless, stateless, application layer protocol based on a request/response architecture. A client, such as a Web browser, sends a request by establishing a TCP/IP connection to a known port (usually port 80) on a remote server. The server answers with a response string, followed by a message of its own. That message might be, for example, an HTML file to be shown in the Web browser or an ActiveX component to be executed on the client, or perhaps an error message.

The HTTP protocol faces particular issues because of the wide variety of web sites that can be accessed and the range of file types that can be downloaded as a result of such access.

The HTTP ALG is an extensive subsystem in NetDefendOS consisting of a number of modules. These consist of the following features, which are described in the indicated dedicated sections of the manual:

• Static Content Filtering - This deals with Blacklisting and Whitelisting of specific URLs.

  • URL Blacklisting - Specific URLs can be blacklisted so that they are not accessible. Wildcarding can be used when specifying these URLs.

  • URL Whitelisting - The opposite to blacklisting, this makes sure certain URLs are always allowed. Wildcarding can also be used for these URLs. It is important to note that whitelisting a URL will mean that no checks such as virus-scanning or content filtering will be applied to the HTTP traffic. NetDefendOS will assume that the traffic from the URL can be "trusted".

  These features are described in depth in Section 6.3.3, "Static Content Filtering".

• Dynamic Content Filtering - Access to specific URLs can be allowed or blocked according to policies for certain types of web content. Access to news sites might be allowed whereas access to gaming sites might be blocked. This feature is described in depth in Section 6.3.4, "Dynamic Web Content Filtering".

• Anti-Virus Scanning - The contents of HTTP file downloads can be checked for viruses. The feature is described in depth in Section 6.4, "Anti-Virus Scanning".

• Verify File Integrity - This part of the ALG deals with the filetype of downloaded files.

  • Verify MIME type - This is used to check that the filetype of the filename for file downloads agrees with the contents of the file. All filetypes that are checked in this way by NetDefendOS are listed in Appendix C, Checked MIME filetypes. These filetypes are also listed in the Allow/Block list described below. Any file download that fails verification is aborted by NetDefendOS.

  • Allow/Block Selected Types - This list option operates independently of the MIME verification option described above. The list operates in two modes:
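Added example, not part of the D-Link manual and not NetDefendOS code: a minimal sketch of the kind of check the "Verify MIME type" item above describes, comparing a download's filename extension with the leading bytes of its content. The signature table is an assumed subset of well-known magic numbers (not the Appendix C list), and the function name, the result strings and the treatment of unlisted extensions as unchecked are assumptions made for illustration.

```python
import os

# Assumed subset of well-known file signatures; Appendix C of the manual
# holds the real list of checked filetypes and is not reproduced here.
SIGNATURES = {
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".gif": (b"GIF87a", b"GIF89a"),
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".pdf": (b"%PDF-",),
    ".zip": (b"PK\x03\x04", b"PK\x05\x06"),
    ".exe": (b"MZ",),
}


def verify_download(filename: str, head: bytes) -> str:
    """Compare the filename's extension with the first bytes of the body.

    Returns "pass" when the content matches the claimed type, "abort" when
    it does not, and "unchecked" when the extension is not in the table
    (assumption: types outside the checked list are not verified).
    """
    ext = os.path.splitext(filename.lower())[1]
    magics = SIGNATURES.get(ext)
    if magics is None:
        return "unchecked"
    # bytes.startswith accepts a tuple and matches any of the prefixes.
    return "pass" if head.startswith(magics) else "abort"


# Constructed sample downloads: (filename, first bytes of the response body).
SAMPLES = [
    ("logo.PNG", b"\x89PNG\r\n\x1a\n\x00\x00\x00\rIHDR"),  # genuine PNG header
    ("photo.jpg", b"MZ\x90\x00\x03\x00"),                   # executable named .jpg
    ("report.pdf", b""),                                    # empty body
    ("notes.txt", b"plain text"),                           # type not in the table
]


def run_samples():
    """Return the verdict for each constructed sample, in order."""
    return [verify_download(name, head) for name, head in SAMPLES]


if __name__ == "__main__":
    for (name, _), verdict in zip(SAMPLES, run_samples()):
        print(f"{name}: {verdict}")
```

The `photo.jpg` sample shows the case this kind of verification exists for: content that does not match the type its filename claims.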