Attack Checks - NETGEAR ProSafe FVG318 Reference Manual

Wireless 802.11g vpn firewall

Hide thumbs Also See for ProSafe FVG318:

Reference manual (202 pages)

Configuration manual (11 pages)

Features manual (11 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

Table of Contents

Reference Manual for the ProSafe Wireless 802.11g VPN Firewall Model FVG318

The Default DMZ Server feature is helpful when using some online games and videoconferencing

applications that are incompatible with NAT. The firewall is programmed to recognize some of

these applications and to work properly with them, but there are other applications that may not

function well. In some cases, one local PC can run the application properly if that PC's IP address

is entered as the Default DMZ Server.

Note: For security, NETGEAR strongly recommends that you avoid using the Default

DMZ Server feature. When a computer is designated as the Default DMZ Server, it

loses much of the protection of the firewall, and is exposed to many exploits from

the Internet. If compromised, the computer can be used to attack your network.

To assign a computer or server to be a Default DMZ server:

1. Click Default DMZ Server.

2. Type the IP address for that server.

3. Click Apply.

Note: In this application, the use of the term "DMZ" has become common, although it is

a misnomer. In traditional firewalls, a DMZ is actually a separate physical network

port. A true DMZ port is for connecting servers that require greater access from

the outside, and will therefore be provided with a different level of security by the

firewall. A better term for our application is Exposed Host.

Attack Checks

The check boxes listed below allow you to enable checks on specific types of attacks:

•

VPN Passthrough — Enable this to pass the VPN traffic without any filtering.

•

Drop fragmented IP packets — Enable this to drop fragmented IP packets.

•

Block TCP flood — Enable this to protect the router from Syn flood attack.

•

Block UDP flood — Enable this to limit the number of UDP sessions created from one LAN

machine.

•

Enable DNS proxy — Enable this to allow incoming DNS queries.

•

Enable Stealth Mode — Enable this to set the firewall to operate in stealth mode.

5-14

Firewall Protection and Content Filtering

v1.0, October 2005

Table of Contents

Attack Checks - NETGEAR ProSafe FVG318 Reference Manual

Attack Checks

Troubleshooting

Related Manuals for NETGEAR ProSafe FVG318

Related Content for NETGEAR ProSafe FVG318

Table of Contents