Manualshelf

Operation Manual

ManualsBrandsOutpost Firewall ManualsFirewallVersie 4.0
41424344454647484950
Plug-Ins
41
Play sound alarm
when attack is detectedif selected, Outpost Firewall will
play the specified audio file every time an attack is detected.
Block intruder IP forif selected, blocks all network exchanges from the
computer attacking yours for the number of minutes you set (60 minutes by default).
o
Also block intruder subnet—if selected, blocks all network exchanges
from the entire subnet to which the intruder belongs.
Ethernet Attacks
When data is sent from one computer to another over a local network, the sending machine
broadcasts an ARP (IP-to-Ethernet address lookup) request to determine the MAC address
based on the IP address of the target machine and waits for it to send back its MAC
address. During the time between the packet broadcast and the MAC address response, data
is vulnerable to tampering, hijacking, and/or redirection to an unauthorized third party.
Attack Detection plug-in also detects and averts particular Ethernet attacks such as IP
spoofing, ARP scanning, ARP flood and others by inspecting Ethernet and Wi-Fi
connections thus protecting your system from invasions on a local network. To specify the
Ethernet attacks prevention settings, select the Ethernet tab in the plug-in properties
window. The following options are available:
Enable smart ARP filtering. Prevents ARP spoofing - where a node starts sending
a huge number of ARP replies with varying MAC addresses in a short time span,
trying to overload the network equipment as it tries to determine which MAC
address actually belongs to the node. If enabled, Outpost Firewall Pro only permits
incoming replies from other hosts for which there was a previous outgoing request.
Only the first ARP reply is accepted for each request. Smart ARP filtering also
protects from ARP cache poisoning, which occurs when someone succeeds in
intercepting Ethernet traffic using fake ARP replies in an effort to change the
address of a network card to one that an attacker can monitor. Additionally, it
prevents ARP floods - where a huge number of bogus ARP replies are sent to the
target machine freezing a system.
Detect IP address spoofing and block IP flood. Detects when an attacker falsifies
or forges his IP address and blocks abnormal volumes of traffic which may
otherwise overload a computer. This option cannot stop the network from being
flooded but can protect the PC from overload.
Prevent gateway network adapter MAC spoofing. Detects any attempt by an
attacker to associate a gateway network adapter IP address with their own MAC
address to allow them to intercept packets. Hackers can substitute legitimate MAC
addresses with ones of their own and reroute legitimate traffic to a hacker-controlled
machine, by sending out forged ARP responses which Outpost Firewall Pro will