Netgear FVS336G FVS336G Reference Manual - Page 73
Attack Checks, Security > Firewall, Apply, WAN Security Checks, Respond To Ping On Internet Ports - vpn problem
UPC - 606449052015
View all Netgear FVS336G manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 73 highlights
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual Attack Checks The Attack Checks menu allows you to specify whether or not the VPN firewall should be protected against common attacks in the LAN and WAN networks. To enable the appropriate Attack Checks for your environment: 1. Select Security > Firewall from the main menu and click Attack Checks to display the Attack Checks tab page. Figure 4-9 2. Check the boxes for the Attack Checks you wish to monitor. The various types of attack checks are listed and defined below. 3. Click Apply to save your settings. The various types of attack checks listed on the Attack Checks screen are: • WAN Security Checks - Respond To Ping On Internet Ports-By default, the VPN firewall does not respond to an ICMP Echo (ping) packet coming from the Internet or WAN side. We recommend that you leave this option disabled to prevent hackers from easily discovering the VPN firewall via a ping, but it can be enabled as a diagnostic tool for connectivity problems. - Enable Stealth Mode-In stealth mode, the VPN firewall will not respond to port scans from the WAN or Internet, which makes it less susceptible to discovery and attacks. - Block TCP Flood. A SYN flood is a form of denial of service attack in which an attacker sends a succession of SYN requests to a target system. When the system responds, the attacker doesn't complete the connection, thus saturating the server with half-open connections. No legitimate connections can then be made. Firewall Protection and Content Filtering v1.0, March 2009 4-17