User's Manual
Chapter 6: Using Advanced Setup
81
The following table shows you the values you can enter:
Setting Description
Use Blacklist
Blacklisting denies an external host access
to your computer/network if an intrusion
from a host has been detected. Access to
the network is denied for ten minutes.
Victim Protection
Block Duration
The length of time that packets destined for
the victim of a spoofing attack are blocked.
Use Victim
Protection
Protection for your system against
broadcast pings. An attacker sends out a
ping with a broadcast destination address
and a spoofed source address.
Packets destined for the victim of a
spoofing attack are blocked for a specified
duration.
DOS Attack Block
Duration
The duration that hosts are blocked once a
Denial of Service (DOS) attack is detected.
Scan Attack Block
Duration
The length of time that traffic from IP
addresses doing the port scan are blocked
once a port scan is detected. Port scans
are used to determine if you have any open
ports that can be accessed.
Maximum TCP Open
Handshaking Count
Sets the maximum number of TCP open
session requests allowed per second
before a SYN flood attack is detected. SYN
Flood is a specific type of DOS attack.
Maximum Ping
Count
Sets the maximum number of pings per
second before an Echo Storm is detected.
Echo Storm is a DOS attack where the
attacker sends oversized ICMP datagrams
to the network using the ping command.
Maximum ICMP
Count
Sets the maximum number of ICMP
packets per second before an ICMP Flood
is detected. ICMP Flood is a DOS attack
where the attacker tries to flood the
network with ICMP packets in order to
prevent legitimate network traffic.