Anti-Spoofing; Access Rule; Function; Settings - D-Link DFL-1600 User Manual

124
attacks. Even if the firewall is able to detect the DoS attacks, it is hard to
trace or stop it because of the spoofing.
15.1.2 Anti-spoofing
To equip the firewalls with Anti-spoofing capability, an extra filter against
the source address verification is in need. D-Link firewalls provide the
network administrators choices to do the source based IP filtering by
.
Other features provided by D-Link firewalls, such as User Authentication
and Encryption, ensure that proper authentication measures are in place
and communication are carried out over secure channels, which can also
reduce the spoofing threats.(See
15.2

Access Rule

15.2.1

Function

The Access rule is capable of monitoring traffic to verify that packets
arriving on an interface of the firewall do not have a source address which is
associated with a network of another interface. In other words, the
principle of the rules can be described as follows:
Any incoming traffic with a source IP address belonging to a local
trusted host is NOT allowed.
Any outgoing traffic with a source IP address belonging to an outside
untrusted network is NOT allowed.
The first one prevents an outsider to use a local host's address as source
address, and the second one prevents any local host to launch the spoofing.
The Access rule set act as an add on filter to the firewall's rules list, and
ensures that the source addresses of packets received on a specific interface
are always within the correct network, provided that the Access rule is
correctly configured. If the Access section lookup does not produce a hit,
the firewall will perform a reverse lookup in its routing table.
15.2.2

Settings

The configuration of an access rule is similar to normal rule, containing
Filtering Fields and the Action to take. If the traffic matches all the fields,
17 User Authentication,
D-Link Firewalls User's Guide
Chapter 15. Access (Anti-spoofing)
VIII VPN)