Attack Checks - NETGEAR FVS338 - ProSafe VPN Firewall 50 Router Reference Manual

FVS338 ProSafe VPN Firewall 50 Reference Manual
Figure 4-4

Attack Checks

This screen allows you to specify whether or not the router should be protected against common
attacks in the LAN and WAN networks. The various types of attack checks are listed on the
Attack Checks screen and defined below:
• WAN Security Checks
– Respond To Ping On Internet Ports. When enabled, the router will respond to a "Ping"
from the Internet. This can be used as a diagnostic tool and shouldn't be used unless you
have a specific diagnostic reason to do so.
– Enable Stealth Mode. If enabled, the router will not respond to port scans from the WAN,
thus making it less susceptible to discovery and attacks.
– Block TCP Flood. A SYN flood is a form of denial of service attack in which an attacker
sends a succession of SYN requests to a target system. When the system responds, the
attacker doesn't complete the connections, thus leaving the connection half-open and
flooding the server with SYN messages. No legitimate connections can then be made.
When enabled, the router will drop all invalid TCP packets and will be protected from a
SYN flood attack.
• LAN Security Checks. A UDP flood is a form of denial of service attack that can be initiated
when one machine sends a large number of UDP packets to random ports on a remote host. As
a result, the distant host will (1) check for the application listening at that port, (2) verify that
no application is listening at that port, and then (3) reply with an ICMP Destination
Unreachable packet.
4-10 Firewall Protection and Content Filtering
v1.0, March 2009