User Manual
Chart 2 Fuctions
2.5 Firewall
A
P
This device is supporting the following firewall functions.
The inaccurate packet detected by the firewall function cancels.
The firewall function can be used by setting the "Firewall" status of the "System Security" menu to enable.
Regarding to the settings of firewall function,
"
5.2 System Security
".
Please refer to
2.5.1 DoS Prevention (DoS:Denial of Services)
DoS is the general term of the attack from a malicious third-party through the network, and inaccurate
data is transmitted to disable a computer or a router to paralyze the network traffic flow.
The functions which can detect Dos attacks are the following six types and Packet Violating
(violation of a packet).
IP Spoofing
To masquerade the self-IP as a IP address of the target to attack or break through
firewall.
Land Attack
To transmit a SYN packet and to make the device lapse into a endless loop.
Ping of Death
To use Ping and send the huge and oversize IP packet to the device, and to
crash the target.
The attack way for the bug of a TCP/IP protocol stack.
Smurf Attack
By sending ping requests to a broadcast address on the target network or an
intermediate network. The return address is spoofed to the target address.
Since all nodes on the subnet pick up a broadcast address, generating hundreds
of responses from one request and eventually causing a traffic overload.
Ping Flood
A simple Denial of service attack where the attacker overwhelms the victim with
ICMP Echo Request (ping) packets.
UDP Flood
An attacker sends a UDP packet to a random port on the target system.
Packet Violating
To send the packet of the inaccurate format created in order to crash the TCP/IP
protocol stack.
Regarding to the result of detection by this device,
It will display in
"(1)Security Log "of "6.1.2 System Log"
2.5.2 Intrusion detection
Detect the inaccurate access to this device
Regarding to the result of detection by this device,
It will display in
"(1)Security Log "of "6.1.2 System Log"
2-5