Netgear FVS338 FVS338 Reference Manual - Page 64
Attack Checks, WAN Security Checks, Respond To Ping On Internet Ports, Enable Stealth Mode
UPC - 606449037197
View all Netgear FVS338 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 64 highlights
FVS338 ProSafe VPN Firewall 50 Reference Manual Figure 4-4 Attack Checks This screen allows you to specify whether or not the router should be protected against common attacks in the LAN and WAN networks. The various types of attack checks are listed on the Attack Checks screen and defined below: • WAN Security Checks - Respond To Ping On Internet Ports. When enabled, the router will respond to a "Ping" from the Internet. This can be used as a diagnostic tool and shouldn't be used unless you have a specific diagnostic reason to do so. - Enable Stealth Mode. If enabled, the router will not respond to port scans from the WAN, thus making it less susceptible to discovery and attacks. - Block TCP Flood. A SYN flood is a form of denial of service attack in which an attacker sends a succession of SYN requests to a target system. When the system responds, the attacker doesn't complete the connections, thus leaving the connection half-open and flooding the server with SYN messages. No legitimate connections can then be made. When enabled, the router will drop all invalid TCP packets and will be protected from a SYN flood attack. • LAN Security Checks. A UDP flood is a form of denial of service attack that can be initiated when one machine sends a large number of UDP packets to random ports on a remote host. As a result, the distant host will (1) check for the application listening at that port, (2) verify that no application is listening at that port, and then (3) reply with an ICMP Destination Unreachable packet. 4-10 Firewall Protection and Content Filtering v1.0, March 2009