HP T5700 HP Sygate Security Agent User Guide - Page 53

Configuring the Agent's Settings, Enable port scan detection, Enable driver level protection - hack

Get HP T5700 - Compaq Thin Client PDF manuals and user guides View all HP T5700 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 53 highlights

Configuring the Agent's Settings analyzes network packets and compares them with both known attacks and known patterns of attack, and then blocks those attacks. One of the key capabilities of the Intrusion Prevention System is its capability to do deep packet Inspection. By default, this option is enabled on the Agent. Enable port scan detection Detects if someone is scanning your ports, and notifies you. Port scanning is a popular method that hackers use to determine which of your device's ports are open to communication. Ports are dynamically blocked by the Agent and are therefore protected from hacking attempts. If disabled, the Agent does not detect scans or notify you of them, but still protects your ports from hacking attempts. By default, this option is enabled on the Agent. Enable driver level protection Blocks protocol drivers from accessing the network unless the user gives permission. If a protocol driver attempts to access the network, you will see a pop-up message asking if you want to allow it. By default, this option is already enabled on the Agent. Enable stealth mode browsing Stealth mode describes a computer that is hidden from web servers while on a network. A computer on the Internet, for instance, if in stealth mode, cannot be detected by port scans or communication attempts, such as ping. By default, this option is disabled on the Agent. Enable DoS detection Causes the Agent to check incoming traffic for known Denial of Service (DoS) attack patterns. DoS attacks are characterized by an explicit attempt by an intruder to prevent legitimate users of a service from using that service. By default, this option is enabled on the Agent. Block Universal Plug and Play Traffic Causes the Agent to look for and block UPnP traffic to counter the vulnerabilities that are introduced by this operating system feature: The first vulnerability could enable an attacker to gain complete control over an affected system, while the second vulnerability could enable an attacker to either prevent an affected system from providing useful service or utilize multiple users' systems in a distributed denial of service attack against a single target. Users can disable this feature when using applications that require the UPnP protocol to operate. By default, this option is enabled in the Agent. 43

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
Configuring the Agent's Settings
analyzes network packets and compares them with both known attacks and known patterns
of attack, and then blocks those attacks. One of the key capabilities of the Intrusion
Prevention System is its capability to do deep packet Inspection. By default, this option is
enabled on the Agent.
Enable port scan detection
Detects if someone is scanning your ports, and notifies you. Port scanning is a popular
method that hackers use to determine which of your device’s ports are open to
communication. Ports are dynamically blocked by the Agent and are therefore protected
from hacking attempts.
If disabled, the Agent does not detect scans or notify you of them, but still protects your
ports from hacking attempts. By default, this option is enabled on the Agent.
Enable driver level protection
Blocks protocol drivers from accessing the network unless the user gives permission. If a
protocol driver attempts to access the network, you will see a pop-up message asking if you
want to allow it. By default, this option is already enabled on the Agent.
Enable stealth mode browsing
Stealth mode
describes a computer that is hidden from web servers while on a network. A
computer on the Internet, for instance, if in stealth mode, cannot be detected by port scans
or communication attempts, such as
ping
. By default, this option is disabled on the Agent.
Enable DoS detection
Causes the Agent to check incoming traffic for known Denial of Service (DoS) attack
patterns. DoS attacks are characterized by an explicit attempt by an intruder to prevent
legitimate users of a service from using that service. By default, this option is enabled on the
Agent.
Block Universal Plug and Play Traffic
Causes the Agent to look for and block UPnP traffic to counter the vulnerabilities that are
introduced by this operating system feature: The first vulnerability could enable an attacker
to gain complete control over an affected system, while the second vulnerability could enable
an attacker to either prevent an affected system from providing useful service or utilize
multiple users’ systems in a distributed denial of service attack against a single target. Users
can disable this feature when using applications that require the UPnP protocol to operate.
By default, this option is enabled in the Agent.
43