Netgear FVX538 FVX538 Reference Manual - Page 76

ProSafe VPN Firewall 200 FVX538 Reference Manual 2. Complete the Outbound Service screen, and save the data (see "Outbound Rules (Service Blocking)" on page 4-3). 3. Click Reset to cancel your settings and return to the previous settings. 4. Click Apply to save your changes and reset the fields on this screen. The new rule will be listed on the Outbound Services table. LAN DMZ Inbound Services Rules To define an Inbound LAN DMZ Rule: 1. Click Add under the Inbound Services table. The Add LAN DMZ Inbound Service screen will display. 2. Complete the Inbound Service screen and save the data (see "Inbound Rules (Port Forwarding)" on page 4-6). 3. Click Reset to cancel your settings and return to the previous settings. 4. Click Apply to save your settings. The new rule will be added to the Inbound Services table. Attack Checks This screen allows you to specify whether or not the router should be protected against common attacks in the DMZ, LAN and WAN networks. The various types of attack checks are listed on the Attack Checks screen and defined below: • WAN Security Checks - Respond To Ping On Internet Ports. If you want the router to respond to a "Ping" from the Internet, click this check box. This can be used as a diagnostic tool. You shouldn't check this box unless you have a specific reason to do so. - Enable Stealth Mode. If enabled, the router will not respond to port scans from the WAN, thus making it less susceptible to discovery and attacks. - Block TCP Flood. A SYN flood is a form of denial of service attack in which an attacker sends a succession of SYN requests to a target system. When the system responds, the attacker doesn't complete the connections, thus leaving the connection half-open and flooding the server with SYN messages. No legitimate connections can then be made. When enabled, the router will drop all invalid TCP packets and will be protected from a SYN flood attack. 4-16 Firewall Protection and Content Filtering v1.0, March 2009