User Manual
72
Field Name
Sample value
Explanation
1.
Enable SYN flood protection
Enable/Disable
Makes router more resistant to SYN flood attacks.
2.
SYN flood rate
“25”
Set rate limit (packets/second) for SYN packets above
which the traffic is considered flooded.
3.
SYN flood burst
“50”
Set burst limit for SYN packets above which the traffic is
considered flooded if it exceeds the allowed rate.
4.
TCP SYN cookies
Enable/Disable
Enable the use of SYN cookies (particular choices of initial
TCP sequence numbers by TCP servers).
7.6.6.2 Remote ICMP requests
Attackers are using ICMP echo request packets directed to IP broadcast addresses from remote locations to generate
denial-of-service attacks.
Field Name
Sample value
Explanation
1.
Enable ICMP requests
Enable/Disable
Blocks remote ICMP echo-request type
2.
Enable ICMP limit
Enable/Disable
Enable ICMP echo-request limit in selected period
3.
Limit period
Second/Minute/Hour/Day
Select in what period limit ICMP echo-request
4.
Limit
“10”
Maximum ICMP echo-requests during the period
5.
Limit burst
“5”
Indicating the maximum burst before the above limit kicks
in.
7.6.6.3 SSH Attack Prevention
Prevent SSH (allows a user to run commands on a machine's command prompt without them being physically
present near the machine.) attacks by limiting connections in a defined period.