Table of Contents
Advertisement
Chapter 9. Configuring Firewall/NAT Settings
4. Click on the
displayed in the service list table at the bottom half of the Service configuration page.
9.7.2.4
Delete a Service
To delete a service, follow the instructions below:
1. Open the Service List configuration page by clicking the Firewall
2. Select the service from the service drop-down list or click on the
modified in the service list table.
3. Click on the
from the service list table located at the bottom half of the same configuration page.
9.7.2.5
View Configured Services
To see a list of existing services, follow the instructions below:
1. Open the Service List configuration page by clicking the Firewall
2. The service list table located at the bottom half of the Service configuration page shows all the
configured services.
9.7.3
Configuring DoS Settings
The RX3041H has a proprietary Attack Defense Engine that protects internal networks from Denial of Service
(DoS) attacks such as SYN flooding, IP smurfing, LAND, Ping of Death and all re-assembly attacks. It can
drop ICMP redirects and IP loose/strict source routing packets. For example, a security device with the
RX3041H Firewall provides protection from "WinNuke", a widely used program to remotely crash unprotected
Windows systems in the Internet. The RX3041H Firewall also provides protection from a variety of common
Internet attacks such as IP Spoofing, Ping of Death, Land Attack, Reassembly and SYN flooding. For a
complete list of DoS protection provided by the RX3041H, please see Table 2.3.
9.7.3.1
DoS Protection Configuration Parameters
Table 9.5 describes the configuration parameters available for DoS Protection.
Field
SYN Flooding
Winnuke
MIME Flood
FTP Bounce
66
button to modify this service. The new settings for this service will then be
button to delete this service. Note that the service deleted will be removed
Table 9.5. DoS Protection Configuration Parameters
Description
Check or un-check this option to enable or disable protection against SYN
Flood attacks. This attack involves sending connection requests to a server,
but never fully completing the connections. This will cause some computers
to get into a "stuck state" where they cannot accept connections from
legitimate users. ("SYN" is short for "SYNchronize"; this is the first step in
opening an Internet connection). You can select this box if you wish to
protect the network from TCP SYN flooding. By default, SYN Flood
protection is enabled.
Check or un-check this option to enable or disable protection against
Winnuke attacks. Some older versions of the Microsoft Windows OS are
vulnerable to this attack. If the computers in the LAN are not updated with
recent versions/patches, you are advised to enable this protection by
checking this check box.
Check or un-check this option to enable or disable protection against MIME
attacks. You can select this box to protect the mail server in your network
against MIME flooding.
Check or un-check this option to enable or disable protection against FTP
bounce attack In its simplest terms the attack is based on the misuse of the
RX3041H User's Manual
Advanced
Service.
icon of the service to be
Advanced
Service.
Advertisement
Table of Contents
