TP-Link TL-R600VPN Configuration Manual page 103
Gigabit broadband
Hide thumbs
Also See for TL-R600VPN:
- User manual (82 pages) ,
- Datasheet (3 pages) ,
- Quick installation manual (2 pages)
Table of Contents
Advertisement
Configuring Firewall
Multi-connections
ICMP Flood
Stationary source TCP
SYN Flood
Stationary source UDP
Flood
Stationary source ICMP
Flood
2) In the Packet Anomaly Defense section, directly check the box to enable your desired
feature. By default, all the options are enabled. For details, refer to the following table:
Block Fragment Traffic
Block TCP Scan (Stealth
FIN/Xmas/Null)
Block Ping of Death
Block Large Ping
Block Ping from WAN
Block WinNuke attack
Block TCP packets with
SYN and FIN Bits set
Block TCP packets with
FIN Bit set but no ACK
Bit set
Block packets with
specified IP options
3) Click Save to save the settings.
With this feature enabled, the router will filter the subsequent ICMP
packets if the number of this kind of packets reaches the specified
threshold. The valid threshold ranges from 100 to 99999.
With this feature enabled, the router will filter the subsequent stationary
source TCP SYN packets if the number of this kind of packets reaches the
specified threshold. The valid threshold ranges from 100 to 99999.
With this feature enabled, the router will filter the subsequent stationary
source UDP SYN packets if the number of this kind of packets reaches the
specified threshold. The valid threshold ranges from 100 to 99999.
With this feature enabled, the router will filter the subsequent stationary
source ICMP SYN packets if the number of this kind of packets reaches
the specified threshold. The valid threshold ranges from 100 to 99999.
With this option enabled, the router will filter the fragment packets.
With this option enabled, the router will filter the TCP scan packets of
Stealth FIN, Xmas and Null.
With this option enabled, the router will block Ping of Death attack. Ping of
Death attack means that the attacker sends abnormal ping packets larger
than 65535 bytes to cause system crash on the target computer.
With this option enabled, the router will block Large Ping attacks. Large
Ping attack means that the attacker sends multiple ping packets larger
than 1500 bytes to cause the system crash on the target computer.
With this option enabled, the router will block the ICMP request from WAN.
With this option enabled, the router will block WinNuke attacks. WinNuke
attack refers to a remote denial-of-service attack (DoS) that affects some
Windows operating systems, such as the Windows 95 and Windows N. The
attacker sends a string of OOB (Out of Band) data to the target computer
on TCP port 137, 138 or 139, causing system crash or Blue Screen of
Death.
With this option enabled, the router will filter the TCP packets with both
SYN Bit and FIN Bit set.
With this option enabled, the router will filter the TCP packets with FIN Bit
set but without ACK Bit set.
With this option enabled, the router will filter the packets with specified IP
options. You can choose the options according to your needs.
Firewall Configuration
Configuration Guide
95
- Quick Links:
- Wan Configuration
Hide quick links:
Advertisement
Table of Contents
