Vigor2920 Series User’s Guide
205
Item Description
Internet are blocked. Therefore, the RIP packets from the
Internet might be dropped.
Block TCP flag scan
Check the box to activate the Block TCP flag scan function.
Any TCP packet with anomaly flag setting is dropped. Those
scanning activities include no flag scan, FIN without ACK scan,
SYN FINscan, Xmas scan and full Xmas scan.
Block Tear Drop
Check the box to activate the Block Tear Drop function. Many
machines may crash when receiving ICMP datagrams (packets)
that exceed the maximum length. To avoid this type of attack,
the Vigor router is designed to be capable of discarding any
fragmented ICMP packets with a length greater than 1024
octets.
Block Ping of Death
Check the box to activate the Block Ping of Death function.
This attack involves the perpetrator sending overlapping
packets to the target hosts so that those target hosts will hang
once they re-construct the packets. The Vigor routers will
block any packets realizing this attacking activity.
Block ICMP Fragment
Check the box to activate the Block ICMP fragment function.
Any ICMP packets with more fragment bit set are dropped.
Block Unassigned
Numbers
Check the box to activate the Block Unknown Protocol
function. Individual IP packet has a protocol field in the
datagram header to indicate the protocol type running over the
upper layer. However, the protocol types greater than 100 are
reserved and undefined at this time. Therefore, the router should
have ability to detect and reject this kind of packets.
Warning Messages
We provide Syslog function for user to retrieve message from
Vigor router. The user, as a Syslog Server, shall receive the
report sending from Vigor router which is a Syslog Client.
All the warning messages related to DoS Defense will be sent to
user and user can review it through Syslog daemon. Look for the
keyword DoS in the message, followed by a name to indicate
what kind of attacks is detected.
To Next Page
Loading...
Need help?
General
