Dynamix UM-A User Manual page 105

4/1 port

Hide thumbs Also See for UM-A:

User manual (197 pages)

Quick start manual (10 pages)

Quick start manual (12 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

Table of Contents

Reassembly Attack checking: Reassembly Attack is a type of DoS attack that

exploits the weakness of the IP protocol reassembly process. As discussed earlier in

this user guide, packets undergo fragmentation when they exceed a certain

maximum size. Certain criteria define the packet fragmentation process so that

packets can be reassembled properly. In Reassembly Attack, the subpackets have

malformed criteria (fragment offset), which can easily cause a system to crash,

freeze, or reboot. Enable this option to check for and filter out Reassembly Attack

packets.

Advanced Protection:

SYN Flooding checking: SYN Flooding is a type of DoS attack that is

accomplished by not sending the final acknowledgement to the receiving server's

SYN-ACK (SYNchronize-ACKnowledge) in the final part of the handshake

process. This causes the serve to keep signaling until it is timed out. When a flood

(many) of these attacks are sent simultaneously, the server will probably overload

and crash. Enable SYN Flooding checking to filter out possible SYN flood packets.

ICMP Redirection checking: Also known as an ICMP storm attack or smurf

attack, ICMP Redirection is another form of DoS. This attack is performed by

sending ICMP echo requests to a broadcast network node. The return IP address is

spoofed and replaced by the victim's own address, causing it to send the request

back to itself. This causes the broadcast address to send it out to all the network

nodes in the broadcast area (usually the entire LAN). In turn, all those recipients

resend it back to the broadcast. The process repeats itself, gaining more amplitude

through each iteration and eventually causing a traffic overload and crashing the

network. Enable ICMP Redirection checking to filter out packets containing the

threat.

Source Routing checking: Source routing gives the sender of a packet the ability

to determine the exact route that an IP packet takes to get to the destination.

However, source routing can be used for malicious reasons. Using a source routed

packet, the sender could find out important information about nodes in a network,

making it easy to exploit any weakness. Enabling Source Routing checking will

cause the firewall to filter out any packet with Source Routing properties.

WinNuke Attack checking: WinNuke exploits a large networking bug found in

Windows 95 and NT. WinNuke sends erroneous OOB (Out-of-Band) data that

Windows is unable to process, causing the target computer to crash. Enable this if

you are running an early (95 or NT) version of Windows that is vulnerable to this

attack.

4/1 Port ADSL Router

P 104

Table of Contents

Dynamix UM-A User Manual page 105

Related Manuals for Dynamix UM-A

Related Products for Dynamix UM-A

Table of Contents