6.2.8. H.323
......................................................................................
155
6.3. Web Content Filtering
...........................................................................
169
6.3.1. Overview
.................................................................................
169
6.3.2. Active Content Handling
.............................................................
169
6.3.3. Static Content Filtering
...............................................................
170
6.3.4. Dynamic Web Content Filtering
...................................................
172
6.4. Anti-Virus Scanning
.............................................................................
183
6.4.1. Overview
.................................................................................
183
6.4.2. Implementation
.........................................................................
183
6.4.3. Activating Anti-Virus Scanning
....................................................
184
6.4.4. The Signature Database
..............................................................
184
6.4.5. Subscribing to the D-Link Anti-Virus Service
.................................
184
6.4.6. Anti-Virus Options
.....................................................................
184
6.5. Intrusion Detection and Prevention
..........................................................
188
6.5.1. Overview
.................................................................................
188
6.5.2. IDP Availability in D-Link Models
...............................................
188
6.5.3. IDP Rules
.................................................................................
190
6.5.4. Insertion/Evasion Attack Prevention
..............................................
191
6.5.5. IDP Pattern Matching
.................................................................
192
6.5.6. IDP Signature Groups
.................................................................
192
6.5.7. IDP Actions
..............................................................................
194
6.5.8. SMTP Log Receiver for IDP Events
..............................................
194
6.6. Denial-Of-Service (DoS) Attacks
............................................................
198
6.6.1. Overview
.................................................................................
198
6.6.2. DoS Attack Mechanisms
.............................................................
198
6.6.3.
Ping of Death
and
Jolt
Attacks
.....................................................
198
6.6.4. Fragmentation overlap attacks:
Teardrop, Bonk, Boink and Nestea
......
199
6.6.5. The
Land
and
LaTierra
attacks
.....................................................
199
6.6.6. The
WinNuke
attack
...................................................................
199
6.6.7. Amplification attacks:
Smurf, Papasmurf, Fraggle
...........................
200
6.6.8. TCP SYN Flood Attacks
.............................................................
201
6.6.9. The
Jolt2
Attack
........................................................................
201
6.6.10. Distributed DoS Attacks
............................................................
201
6.7. Blacklisting Hosts and Networks
.............................................................
202
7. Address Translation
........................................................................................
204
7.1. Dynamic Network Address Translation
....................................................
204
7.2. NAT Pools
..........................................................................................
207
7.3. Static Address Translation
.....................................................................
210
7.3.1. Translation of a Single IP Address (1:1)
.........................................
210
7.3.2. Translation of Multiple IP Addresses (M:N)
....................................
213
7.3.3. All-to-One Mappings (N:1)
.........................................................
215
7.3.4. Port Translation
.........................................................................
216
7.3.5. Protocols handled by SAT
...........................................................
216
7.3.6. Multiple SAT rule matches
..........................................................
217
7.3.7. SAT and FwdFast Rules
..............................................................
217
8. User Authentication
........................................................................................
220
8.1. Overview
............................................................................................
220
8.2. Authentication Setup
.............................................................................
221
8.2.1. Setup Summary
.........................................................................
221
8.2.2. The Local Database
....................................................................
221
8.2.3. External Authentication Servers
....................................................
221
8.2.4. Authentication Rules
..................................................................
222
8.2.5. Authentication Processing
...........................................................
223
8.2.6. HTTP Authentication
.................................................................
223
9. VPN
.............................................................................................................
229
9.1. Overview
............................................................................................
229
9.1.1. The Need for VPNs
....................................................................
229
9.1.2. VPN Encryption
........................................................................
229
9.1.3. VPN Planning
...........................................................................
229
9.1.4. Key Distribution
........................................................................
230
9.2. VPN Quickstart Guide
..........................................................................
231
9.2.1. IPsec LAN to LAN with Pre-shared Keys
.......................................
231
9.2.2. IPsec Roaming Clients with Pre-shared Keys
..................................
232
User Manual
6