Url Filter - Draytek VIGOR3300V+ User Manual

Multi wan security router

Hide thumbs Also See for VIGOR3300V+:

Quick start manual (34 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

Table of Contents

Enable Block Smurf

Enable Block Trace Route Activates the Block trace route function. The router will not

Enable Block SYN

Fragment

Enable Block Fraggle

Attack

Enable TCP Flag Scan

Enable Tear Drop

Enable Ping of Death

Enable Block ICMP

Fragment

Enable Block Unknown

Protocol

Click Apply to apply the settings when you finish the configuration.

4.4.3 URL Filter

The Internet contains a wide range of offenses or illegal materials. Unlike traditional media,

the Internet does not have any obvious tools to segregate materials based on URL strings or

content. URL content filtering systems are seen as tools that would provide the cyberspace

equivalent of the physical separations that are used to limit access to particular materials. By

rating a site as objectionable, and refusing to display it on user's browser, URL content filter

can prevent employee on SME from accessing inappropriate Internet resources.

Instead of traditional firewall inspects packets based on the fields of TCP/IP headers, the

URL content filter checks the URL strings or the payload of TCP/IP packets.

The URL content filter in the series of broadband security routers inspects every URL string

in the HTTP requestt. If the entire or part of the URL string (for instance,

http://www.draytek.com, as shown above) matches any activated rule, the first and the

Activates the Block Smurf function. The router will reject any

ICMP echo request destined for the broadcast address.

forward any trace route packets.

Activates the Block SYN fragment function. Any packets

having the SYN flag and fragmented bit sets will be dropped.

Activates the Block fraggle Attack function. Any broadcast

UDP packets received from the Internet are blocked.

Activates the Block TCP flag scan function. Any TCP packet

with an anomalous flag setting is dropped. These scanning

activities include no flag scan, FIN without ACK scan, SYN

FIN scan, Xmas scan and full Xmas scan.

Activates the Block Tear Drop function. This attack involves

the perpetrator sending overlapping packets to the target hosts

so that target host will hang once they re-construct the packets.

The routers will block any packets resembling this attacking

activity.

Activates the Block Ping of Death function. Many machines

may crash when receiving an ICMP datagram that exceeds the

maximum length. The router will block any fragmented ICMP

packets with a length greater than 1024 octets.

Activates the Block ICMP fragment function. Any ICMP

packets with fragmented bit sets are dropped.

Activates the Block Unknown Protocol function. The router

will block any packets with unknown protocol types.

148

Vigor3300V+ Series User's Guide

Table of Contents

Url Filter - Draytek VIGOR3300V+ User Manual

4.4.3 URL Filter

Related Manuals for Draytek VIGOR3300V+

Related Content for Draytek VIGOR3300V+

Table of Contents