Reference: Configuration options
Avira Professional Security - User Manual (Status: 23 Sep. 2011) 141
Outgoing blocked types: no types/several types
With a mouse click on the link a list of ICMP packet types is displayed. From this list
you can select the desired outgoing ICMP message types you want to block.
Flooding
With a mouse click on the link, a dialog box is displayed where you can enter the
maximum allowed ICMPA delay.
Fragmented ICMP packets
With a mouse click on the link, you have the choice to reject or not to reject
fragmented ICMP packets.
TCP port scan
With this rule, you can define when a TCP port scan is assumed by the FireWall and what
should be done in this case. This rule serves for preventing so-called TCP port scan
attacks that result in a detection of open TCP ports on your computer. This kind of attack is
used to search a computer for weak spots and is often followed by more dangerous attack
types.
Predefined rules for the TCP port scan
Assume a TCP port scan if 50 or more ports were
scanned in 5,000 milliseconds.
When detected, log attacker's IP and don't add rule
to block the attack.
Assume a TCP port scan if 50 or more ports were
scanned in 5,000 milliseconds.
When detected, log attacker's IP and add rule to
block the attack.
Ports
With a mouse click on the link a dialog box appears in which you can enter the number
of ports that must have been scanned so that a TCP port scan is assumed.
Port scan time window
With a mouse click on this link a dialog box appears in which you can enter the time
span for a certain number of port scans, so that a TCP port scan is assumed.
To Next Page
Loading...