User`s manual
RX3042H User's Manual
Getting to Know RX3042H
5
ACL is a very appropriate measure for providing isolation of one
subnet from another. It can be used as the first line of defense in
the network to block inbound packets of specific types from ever
reaching the protected network.
The RX3042H Firewallʼs ACL methodology supports:
• Filtering based on destination and source IP address, port
number and protocol
• Use of the wild card for composing filter rules
• Filter Rule priorities
2.3.2.3 Defense against DoS Attacks
The RX3042H Firewall has an Attack Defense Engine that protects
internal networks from known types of Internet attacks. It provides
automatic protection from Denial of Service (DoS) attacks such
as SYN flooding, IP smurfing, LAND, Ping of Death and all re-
assembly attacks. For example, the RX3042H Firewall provides
protection from “WinNuke”, a widely used program to remotely
crash unprotected Windows systems in the Internet. The RX3042H
Firewall also provides protection from a variety of common Internet
attacks such as IP Spoofing, Ping of Death, Land Attack, and
Reassembly attacks.
The type of attack protections provided by the RX3042H is listed in
Table 2.1.
Table 2.1. DoS Attacks
Type of Attack Name of Attacks
Re-assembly Attacks Bonk, Boink, Teardrop ( New Tear),
Overdrop, Opntear, Syndrop, Jolt, IP
fragmentation overlap.
ICMP Attacks Ping of Death, Smurf, Twinge
Flooders Logging only for ICMP Flooder, UDP
Flooder, SYN Flooder
Port Scans Logging only for TCP SYN Scan,
Attacking packets dropped: TCP
XMAS Scan, TCP Null Scan, TCP
Stealth Scan
Protection with PF Rules Echo-Chargen, Ascend Kill
Miscellaneous Attacks IP Spoofing, LAND, Targa, Winnuke