BT Micro Owner’s Manual
142
Enter the following parameters
Use Blacklist Enables or disables blacklisting of an external host if the
firewall has detected an intrusion from that host. Access is
denied to that host for 10 minutes.
Use Victim Protection Enables or disables the blocking of incoming broadcast Ping
commands for the period specified in Victim Protection Block
duration.
Victim Protection Block
Duration
The period for which incoming broadcast Pings are blocked.
The default setting is 600 seconds.
DOS Attack Block
Duration
If a Denial of Service attack is detected, traffic from that host
is blocked for the duration specified here. The default setting
is 1800 seconds.
Scan Attack Block
Duration
If scan activity from a host attempting to identify open ports
is detected, traffic from that host is blocked for the duration
specified here. The default setting is 86400 seconds (1 day).
Scan Detection
Threshold
If the number of scanning packets counted within the Scan
Detection Period exceeds the value set here, a port scan
attack is detected. The default setting is 5 per second.
Scan Detection Period The duration that scanning type traffic is counted for. The
default setting is 60 seconds.
Port Flood Detection
Threshold
This is the maximum number of SYN packets that can be
received by a single port before a flood is detected. The
default setting is 10 per second.
Host Flood Detection
Threshold
This is the maximum number of SYN packets that can be
received from a host before a flood is detected. The default
setting is 20 per second.
Flood Detection Period If the number of SYN floods counted within this duration
exceeds either the Port Flood Detection Threshold or the
Host Flood Detection Threshold, traffic from the attacker is
blocked for the DOS Attack Block Duration. The default
setting is 10 seconds.
Maximum TCP Open
Handshaking Count
This is the maximum number (per second) of unfinished
TCP handshaking sessions that are allowed before a DOS
attack is detected. The default setting is 5 per second.
Maximum Ping Count This is the maximum number of Pings (per second) that are
allowed before a DOS attack is detected.
Maximum ICMP Count This is the maximum number of ICMP packets (per second)
that are allowed before a DOS attack is detected.
Select “Clear Blacklist” if you wish to clear all external hosts
from the blacklist.
Select “Apply”
Save Configuration
Restart the BT Micro
To Next Page
Loading...