D-Link DSR-1000AC User Manual - Page 188

Attack Checks

Get D-Link DSR-1000AC PDF manuals and user guides View all D-Link DSR-1000AC manuals
Add to My Manuals
Save this manual to your list of manuals

Page 188 highlights

Section 8 - Security Attack Checks Path: Security > Firewall > Attack Checks Attacks can be malicious security breaches or unintentional network issues that render the router unusable Attack checks allow you to manage WAN security threats such as continual ping requests and discovery via ARP scans. TCP and UDP flood attack checks can be enabled to manage extreme usage of WAN resources. Additionally certain Denial-of-Service (DoS) attacks can be blocked. These attacks, if uninhibited, can use up processing power and bandwidth and prevent regular network services from running normally. ICMP packet flooding, SYN traffic flooding, and Echo storm thresholds can be configured to temporarily suspect traffic from the offending source. 1. Click Security > Firewall > Attack Checks. 2. Complete the fields from the table below and click Save. Field Stealth Mode Block TCP Flood Block UDP Flood Allow Ping from LAN Block ICMP Notification Block Fragmented Packets Block Multicast Packets Block Spoofed IP Packets SYN Flood Detect Rate Echo Storm ICMP Flood Description If this option is toggled to ON, the router will not respond to port scans from the WAN. This makes it less susceptible to discovery and attacks. If this option is toggled to ON, the router will drop all invalid TCP packets and be protected from a SYN flood attack. If this option is toggled to ON, the router will not accept more than 20 simultaneous, active UDP connections from a single computer on the LAN. You can set the number of simultaneous active UDP connections to be accepted from a single computer on the LAN; the default is 25. Toggle to ON to allow local computers to ping. Toggle to ON to prevent ICMP packets from being identified as such. ICMP packets, if identified, can be captured and used in a Ping (ICMP) flood DoS attack. Toggle to ON to drop any fragmented packets through or to the gateway Toggle to ON to drop multicast packets, which could indicate a spoof attack, through or to the router. Toggle to ON to block any spoofed IP packets. The rate at which the SYN Flood can be detected. The number of ping packets per second at which the router detects an Echo storm attack from the WAN and prevents further ping traffic from that external address. The number of ICMP packets per second at which the router detects an ICMP flood attack from the WAN and prevents further ICMP traffic from that external address. D-Link DSR-Series User Manual 175

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
  • 277
  • 278
  • 279
  • 280
  • 281
  • 282
  • 283
  • 284
  • 285
  • 286
  • 287
  • 288
  • 289
  • 290
  • 291
  • 292
  • 293
  • 294
  • 295
  • 296
  • 297
  • 298
  • 299
  • 300
  • 301
  • 302
  • 303
  • 304
  • 305
  • 306
  • 307
  • 308
  • 309
  • 310
  • 311
  • 312
  • 313
  • 314
  • 315
  • 316
  • 317
  • 318
  • 319
  • 320
  • 321
  • 322
  • 323
  • 324
  • 325
  • 326
  • 327
  • 328
  • 329
  • 330
  • 331
  • 332
  • 333
  • 334
  • 335
  • 336
  • 337
  • 338
  • 339
  • 340
  • 341
  • 342
  • 343
  • 344
  • 345
  • 346
  • 347
  • 348
D-Link DSR-Series User Manual
175
Section 8 - Security
Attack Checks
Path: Security > Firewall > Attack Checks
Attacks can be malicious security breaches or unintentional network issues that render the router unusable
Attack checks allow you to manage WAN security threats such as continual ping requests and discovery via ARP
scans. TCP and UDP flood attack checks can be enabled to manage extreme usage of WAN resources.
Additionally certain Denial-of-Service (DoS) attacks can be blocked. These attacks, if uninhibited, can use up
processing power and bandwidth and prevent regular network services from running normally. ICMP packet
flooding, SYN traffic flooding, and Echo storm thresholds can be configured to temporarily suspect traffic from
the offending source.
1. Click
Security
>
Firewall
>
Attack Checks
.
2. Complete the fields from the table below and click
Save
.
Field
Description
Stealth Mode
If this option is toggled to
ON
, the router will not respond to port scans from the WAN. This makes it
less susceptible to discovery and attacks.
Block TCP Flood
If this option is toggled to
ON
, the router will drop all invalid TCP packets and be protected from a
SYN flood attack.
Block UDP Flood
If this option is toggled to
ON
, the router will not accept more than 20 simultaneous, active UDP
connections from a single computer on the LAN. You can set the number of simultaneous active
UDP connections to be accepted from a single computer on the LAN; the default is 25.
Allow Ping from LAN
Toggle to
ON
to allow local computers to ping.
Block ICMP Notification
Toggle to
ON
to prevent ICMP packets from being identified as such. ICMP packets, if identified, can
be captured and used in a Ping (ICMP) flood DoS attack.
Block Fragmented Packets
Toggle to
ON
to drop any fragmented packets through or to the gateway
Block Multicast Packets
Toggle to
ON
to drop multicast packets, which could indicate a spoof attack, through or to the
router.
Block Spoofed IP Packets
Toggle to
ON
to block any spoofed IP packets.
SYN Flood Detect Rate
The rate at which the SYN Flood can be detected.
Echo Storm
The number of ping packets per second at which the router detects an Echo storm attack from the
WAN and prevents further ping traffic from that external address.
ICMP Flood
The number of ICMP packets per second at which the router detects an ICMP flood attack from the
WAN and prevents further ICMP traffic from that external address.