D-Link DFL-300 User Manual - Page 31

Detect Ping of Death Attack, Filter IP Source Route Option

Get D-Link DFL-300 - Security Appliance PDF manuals and user guides
UPC - 790069240751
View all D-Link DFL-300 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 31 highlights

number of ICMP packets per second that is allowed to enter the network/firewall. Once the ICMP packets exceed this limit, the activity will be logged in Alarm and an email alert is sent to the Administrator. The default ICMP flood threshold is set to 1000 Pkts/Sec. Detect UDP Flood: Select this option to detect UDP flood attacks. A UDP flood attack is similar to an ICMP flood attack. After enabling this function, the System Administrator can enter the number of UDP packets per second that is allow to enter the network/firewall. Once the UDP packets exceed this limit, the activity will be logged in Alarm and an email alert is sent to the Administrator. The default UDP flood threshold is set to 1000 Pkts/Sec. Detect Ping of Death Attack: Select this option to detect the attacks of tremendous trash data in PING packets that hackers send to cause System malfunction This attack can cause network speed to slow down, or even make it necessary to restart the computer to get a normal operation. Detect Tear Drop Attack: Select this option to detect tear drop attacks. These are packets that are segmented to small packets with negative length. Some Systems treat the negative value as a very large number, and copy enormous data into the System to cause System damage, such as a shut down or a restart. Detect IP Spoofing Attack: Select this option to detect spoof attacks. Hackers disguise themselves as trusted users of the network in Spoof attacks. They use a fake identity to try to pass through the Firewall System and invade the network. Filter IP Source Route Option: Each IP packet can carry an optional field that specifies the replying address that can be different from the source address specified in packet's header. Hackers can use this address field on disguised packets to invade internal networks and send internal networks' data back to them. Detect Port Scan Attack: Select this option to detect the port scans hackers use to continuously scan networks on the Internet to detect computers and vulnerable ports that are opened by those computers. - 31 -

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
- 31 -
number of ICMP packets per second that is allowed to enter the
network/firewall.
Once the ICMP packets exceed this limit, the
activity will be logged in
Alarm
and an email alert is sent to the
Administrator.
The default ICMP flood threshold is set to 1000
Pkts/Sec.
±
Detect UDP Flood
: Select this option to detect UDP flood attacks.
A UDP flood attack is similar to an ICMP flood attack.
After
enabling this function, the System Administrator can enter the
number of UDP packets per second that is allow to enter the
network/firewall.
Once the UDP packets exceed this limit, the
activity will be logged in
Alarm
and an email alert is sent to the
Administrator.
The default UDP flood threshold is set to 1000
Pkts/Sec.
±
Detect Ping of Death Attack:
Select this option to detect the
attacks of tremendous trash data in PING packets that hackers
send to cause System malfunction This attack can cause network
speed to slow down, or even make it necessary to restart the
computer to get a normal operation.
±
Detect Tear Drop Attack:
Select this option to detect tear drop
attacks.
These are packets that are segmented to small packets
with negative length.
Some Systems treat the negative value as a
very large number, and copy enormous data into the System to
cause System damage, such as a shut down or a restart.
±
Detect IP Spoofing Attack:
Select this option to detect spoof
attacks.
Hackers disguise themselves as trusted users of the
network in
Spoof attacks
.
They use a fake identity to try to pass
through the Firewall System and invade the network.
±
Filter IP Source Route Option:
Each IP packet can carry an
optional field that specifies the replying address that can be different
from the source address specified in packet’s header. Hackers can
use this address field on disguised packets to invade internal
networks and send internal networks’ data back to them.
±
Detect Port Scan Attack:
Select this option to detect the port
scans hackers use to continuously scan networks on the Internet to
detect computers and vulnerable ports that are opened by those
computers.