Table of Contents
Advertisement
RX3042H User's Manual
ACL is a very appropriate measure for providing isolation of one
subnet from another. It can be used as the first line of defense in
the network to block inbound packets of specific types from ever
reaching the protected network.
The RX3042H Firewallʼs ACL methodology supports:
• Filtering based on destination and source IP address, port
number and protocol
• Use of the wild card for composing filter rules
• Filter Rule priorities
2.3.2.3 Defense against DoS Attacks
The RX3042H Firewall has an Attack Defense Engine that protects
internal networks from known types of Internet attacks. It provides
automatic protection from Denial of Service (DoS) attacks such
as SYN flooding, IP smurfing, LAND, Ping of Death and all re-
assembly attacks. For example, the RX3042H Firewall provides
protection from "WinNuke", a widely used program to remotely
crash unprotected Windows systems in the Internet. The RX3042H
Firewall also provides protection from a variety of common Internet
attacks such as IP Spoofing, Ping of Death, Land Attack, and
Reassembly attacks.
The type of attack protections provided by the RX3042H is listed in
Table 2.1.
Type of Attack
Re-assembly Attacks
ICMP Attacks
Flooders
Port Scans
Protection with PF Rules
Miscellaneous Attacks
Table 2.1. DoS Attacks
Name of Attacks
Bonk, Boink, Teardrop ( New Tear),
Overdrop, Opntear, Syndrop, Jolt, IP
fragmentation overlap.
Ping of Death, Smurf, Twinge
Logging only for ICMP Flooder, UDP
Flooder, SYN Flooder
Logging only for TCP SYN Scan,
Attacking packets dropped: TCP
XMAS Scan, TCP Null Scan, TCP
Stealth Scan
Echo-Chargen, Ascend Kill
IP Spoofing, LAND, Targa, Winnuke
Getting to Know RX3042H
5
Advertisement
Table of Contents
