Advertisement
General
Port Scan – Switch the toggle to enable/disable the Port Scan
detection. Port Scans attack your network by sending packets to a
range of ports in an attempt to find services that would respond.
When Port Scan detection is enabled, the router sends warning
messages when it detects port scanning activities that exceed the
Threshold rate.
Port Scan Packet Rate – The default threshold is 2000 packets
per second.
Option (Edit/Delete) – Click Edit to open the setting page to modify
in detail (packet rate and burst rate). Click Delete to remove the
selected entry.
Switch the toggle to enable/disable the function listed below.
Block IP Options – If enabled, the Vigor router will ignore IP packets
with IP option field set in the datagram header. IP options are rarely
used and could be abused by attackers as they carry information
about the private network otherwise not available to the external
network, such as security, TCC (closed user group) parameters, a
series of Internet addresses, routing messages, etc, which external
eavesdroppers can use to discover details about the private network.
Block Land – Enable to block LAND attacks. LAND attacks happen
when an attacker sends spoofed SYN packets with both source and
destination addresses set to that of the target system, which causes
the target to reply to itself continuously.
Block SMURF – Enable to block Smurf attacks. The router will ignore
any broadcasting ICMP echo request.
Block Trace Route – Enable to block traceroutes. The router will not
forward traceroute packets.
Block SYN Fragment – Enable to block SYN packet fragments. The
router will drop any packets having both the SYN and more-fragments
bits set.
Block Fraggle – Enable to block Fraggle Attacks. Broadcast UDP
packets received from the Internet are blocked.
Activating this feature might block some legitimate packets. Since all
broadcast UDP packets coming from the Internet are blocked, RIP
packets from the Internet could also be dropped.
Block Tear Drop – Enable to block Tear Drop attacks. Some clients
may crash when they receive ICMP datagrams (packets) that exceed
the maximum length. The router discards any fragmented ICMP
packets having lengths greater than 1024 octets.
Block Ping of Death – Enable to block Ping of Death, where
fragmented ping packets are sent to target hosts so that those hosts
could crash as they reassemble the malformed ping packets.
Block ICMP Fragment – Enable to block ICMP Fragments. ICMP
packets with the more-fragments bit set are dropped.
Block Unknown Protocol – Enable to block Unassigned Protocol
Numbers, and the router will block packets having unassigned
protocol numbers. Individual IP packet has a protocol field in the
datagram header to indicate the protocol type running over the upper
layer. However, the protocol types greater than 100 are reserved and
undefined at this time. Therefore, the router should have ability to
detect and reject this kind of packets.
ARP Spoofing Defense
170
Advertisement
Need help?
Do you have a question about the Vigor2136 Series and is the answer not in the manual?
Questions and answers