Table of Contents
Advertisement
1752 and 1754 SHDSL Router User's Guide
The values displayed on the Firewall Configure Intrusion Detection page are the default
values.
2 .Configure Intrusion Detection as follows:
a. Use Blacklist. Select true or false depending on whether you want external hosts to be
blacklisted if the Firewall detects an intrusion from that host. Click on the Clear Blacklist
button at the bottom of the page to clear blacklisting of an external host.
The Security Interface Configuration page is displayed.
b. Use Victim Protection. Select true or false depending on whether you want to protect a
victim from an attempted web spoofing attack.
c. DOS Attack Block Duration. Type the length of time (in seconds) that the Firewall blocks
suspicious hosts for once a DOS attack attempt has been detected.
d. Scan Attack Block Duration. Type the length of time (in seconds) that the Firewall blocks
suspicious hosts for after it has detected scan activity.
e. Victim Protection Block Duration. Type the length of time (in seconds) that the Firewall
blocks packets destined for the victim of a spoofing style attack.
f. Maximum TCP Open Handshaking Count. Type in the maximum number of unfinished TCP
handshaking sessions (per second) that are allowed by Firewall before a SYN Flood is
detected.
g. Maximum Ping Count. Type in the maximum number of pings (per second) that are
allowed before the Firewall detects an Echo Storm DOS attack.
h. Maximum ICMP Count. Type in the maximum number of ICMP packets (per second) that
are allowed by the Firewall before an ICMP Flood DOS is detected.
3. Once you have configured Intrusion Detection, click on
settings are applied to the Firewall, and the Security Interface Configuration page is displayed.
62
June 2005
. The Intrusion Detection
1752-A2-GB20-00
- Quick Links:
- Japan
Hide quick links:
Advertisement
Table of Contents
