Intrusion Detection - Billion BiPAC 7401VGP R3 User Manual

Voip/ 802.11g adsl2+ firewall router

Hide thumbs Also See for BiPAC 7401VGP R3:

Product manual (20 pages)

Setup manual (2 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

Table of Contents

Intrusion Detection

The router Intrusion Detection System (IDS) is used to detect hacker's attack and intrusion attempts

from the Internet. If the IDS function of the firewall is enabled, inbound packets are filtered and

blocked depending on whether they are detected as possible hacker attacks, intrusion attempts or

other connections that the router determines to be suspicious.

Blacklist: If the router detects a possible attack, the source IP or destination IP address will be

added to the Blacklist. Any further attempts using this IP address will be blocked for the time period

specified in the Block Duration. The default setting for this function is false (disabled). Some types of

attack are denied immediately without using the Blacklist function, such as Land attack

and Echo/CharGen scan.

Intrusion Detection: If enabled, IDS will block Smurf attack attempts. Default is false.

Block Duration:

Victim Protection Block Duration: This is the duration for blocking Smurf attacks. Default

value is 600 seconds.

Scan Attack Block Duration: This is the duration for blocking hosts that attempt a possible

Scan attack. Scan attack types include X'mas scan, IMAP SYN/FIN scan and similar

attempts. Default value is 86400 seconds.

DoS Attack Block Duration: This is the duration for blocking hosts that attempt a possible

Denial of Service (DoS) attack. Possible DoS attacks this attempts to block include Ascend

Kill and WinNuke. Default value is 1800 seconds.

Max TCP Open Handshaking Count: This is a threshold value to decide whether a SYN Flood

attempt is occurring or not. Default value is 100 TCP SYN per seconds.

Max PING Count: This is a threshold value to decide whether an ICMP Echo Storm is occurring or

not. Default value is 15 ICMP Echo Requests (PING) per second.

Max ICMP Count: This is a threshold to decide whether an ICMP flood is occurring or not. Default

value is 100 ICMP packets per seconds except ICMP Echo Requests (PING).

Clear Blacklist: Clear the current blacklist.

Table of Contents

Show Quick Links

Hide quick links:

Table of Contents

Intrusion Detection - Billion BiPAC 7401VGP R3 User Manual

Intrusion Detection

Hide quick links:

Related Manuals for Billion BiPAC 7401VGP R3

Related Content for Billion BiPAC 7401VGP R3

Table of Contents