Netgear FVS336G-100NAS Reference Manual - Page 72
Attack Checks, Modifying Rules
View all Netgear FVS336G-100NAS manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 72 highlights
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual Modifying Rules To make changes to an existing outbound or inbound service rule: 1. In the Action column adjacent to the rule, do the following: • Click Edit to make any changes to the rule definition of an existing rule. The Outbound Service screen is displayed containing the data for the selected rule. • Click Up to move the rule up one position in the table rank. • Click Down to move the rule down one position in the table rank. 2. Check the radio box adjacent to the rule, then do the following: • Click Disable to disable the rule. The "!" Status icon will change from green to grey, indicating that the rule is disabled. (By default, when a rule is added to the table it is automatically enabled.) • Click Delete to delete the rule. 3. Click Select All to choose all rules. Attack Checks This screen allows you to specify whether or not the VPN firewall should be protected against common attacks in the LAN and WAN networks. The various types of attack checks are listed on the Attack Checks screen and defined below: • WAN Security Checks - Respond To Ping On Internet Ports. To allow the VPN firewall to respond to a Ping request from the Internet, click this check box. Ping can be used as a diagnostic tool. You shouldn't check this box unless you have a specific reason to do so. - Enable Stealth Mode. In stealth mode, the VPN firewall will not respond to port scans from the WAN, thus making it less susceptible to discovery and attacks. - Block TCP Flood. A SYN flood is a form of denial of service attack in which an attacker sends a succession of SYN requests to a target system. When the system responds, the attacker doesn't complete the connection, thus saturating the server with half-open connections. No legitimate connections can then be made. When blocking is enabled, the VPN firewall will limit the lifetime of partial connections and will be protected from a SYN flood attack. • LAN Security Checks 4-10 Firewall Protection and Content Filtering v1.0, October 2007