EasyManuals Logo

D-Link DSR-1000 User Manual

D-Link DSR-1000
378 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #213 background imageLoading...
Page #213 background image
D-Link DSR-Series User Manual 199
Section 8 - Security
Attack Checks
Path: Security > Firewall > Attack Checks
Attacks can be malicious security breaches or unintentional network issues that render the router unusable
Attack checks allow you to manage WAN security threats such as continual ping requests and discovery via ARP
scans. TCP and UDP ī˜œood attack checks can be enabled to manage extreme usage of WAN resources.
Additionally certain Denial-of-Service (DoS) attacks can be blocked. These attacks, if uninhibited, can use up
processing power and bandwidth and prevent regular network services from running normally. ICMP packet
ī˜œooding, SYN traī˜žc ī˜œooding, and Echo storm thresholds can be conī˜Ÿgured to temporarily suspect traī˜žc from
the oī˜ending source.
1. Click Security > Firewall > Attack Checks.
2. Complete the ī˜Ÿelds from the table below and click Save.
Field Description
Stealth Mode
If this option is toggled to ON, the router will not respond to port scans from the WAN. This makes it
less susceptible to discovery and attacks.
Block TCP Flood
If this option is toggled to ON, the router will drop all invalid TCP packets and be protected from a
SYN ī˜œood attack.
Filter Check
If this option is enabled, then router will drop invalid TCP packets(FIN,RST and ACK) going with
SNAT while the connection is closed. Some of the other packets like TCP OUT-OF-WINDOW are also
considered to be invalid. Disable this option while taking performance in Ixia setup as enabling this
option will eī˜ect the throughput.
Block UDP Flood
If this option is toggled to ON, the router will not accept more than the conī˜Ÿgured value in ā€˜UDP
Connection Limitā€™ which indicates simultaneous, active UDP connections from a single computer
on the LAN. You can set the number of simultaneous active UDP connections to be accepted from a
single computer on the LAN; the default is 25 and the range is 25 to 500.
Block ICMP Notiī˜žcation
Toggle to ON to prevent ICMP packets from being identiī˜Ÿed as such. ICMP packets, if identiī˜Ÿed, can
be captured and used in a Ping (ICMP) ī˜œood DoS attack.
Block Fragmented Packets Toggle to ON to drop any fragmented packets through or to the gateway

Table of Contents

Other manuals for D-Link DSR-1000

Preview: Manual
Manual251 pages
Preview: Cli Reference Guide
Cli Reference Guide83 pages
Preview: Quick Installation Guide
Quick Installation Guide72 pages
Preview: Reference Guide
Reference Guide129 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the D-Link DSR-1000 and is the answer not in the manual?

D-Link DSR-1000 Specifications

General IconGeneral
BrandD-Link
ModelDSR-1000
CategoryNetwork Router
LanguageEnglish

Related product manuals