Firewall Protection
147
ProSecure Unified Threat Management (UTM) Appliance
2. Enter the settings as explained in the following table:
Table 30. Attack Checks screen settings
Setting Description
WAN Security Checks
Respond to Ping on
Internet Ports
Select the Respond to Ping on Internet Ports check box to enable the UTM to
respond to a ping from the Internet. A ping can be used as a diagnostic tool. Keep
this check box cleared unless you have a specific reason to enable the UTM to
respond to a ping from the Internet.
Enable Stealth Mode Select the Enable Stealth Mode check box (which is the default setting) to prevent
the UTM from responding to port scans from the WAN, thus making it less
susceptible to discovery and attacks.
Block TCP flood Select the Block TCP flood check box to enable the UTM to drop all invalid TCP
packets and to protect the UTM from a SYN flood attack.
A SYN flood is a form of denial of service attack in which an attacker sends a
succession of SYN (synchronize) requests to a target system. When the system
responds, the attacker does not complete the connections, thus leaving the
connection half open and flooding the server with SYN messages. No legitimate
connections can then be made. By default, the Block TCP flood check box is
cleared.
LAN Security Checks
Block UDP flood Select the Block UDP flood check box to prevent the UTM from accepting more
than 20 simultaneous, active User Datagram Protocol (UDP) connections from a
single device on the LAN. By default, the Block UDP flood check box is cleared.
A UDP flood is a form of denial of service attack that can be initiated when one
device sends a large number of UDP packets to random ports on a remote host. As a
result, the distant host does the following:
1. Checks for the application listening at that port.
2. Sees that no application is listening at that port.
3. Replies with an ICMP Destination Unreachable packet.
When the victimized system is flooded, it is forced to send many ICMP packets,
eventually making it unreachable by other clients. The attacker might also spoof the
IP address of the UDP packets, ensuring that the excessive ICMP return packets do
not reach the attacker, thus making the attacker’s network location anonymous.
Disable Ping Reply
on LAN Ports
Select the Disable Ping Reply on LAN Ports check box to prevent the UTM from
responding to a ping on a LAN port. A ping can be used as a diagnostic tool. Keep
this check box cleared unless you have a specific reason to prevent the UTM from
responding to a ping on a LAN port.
To Next Page
Loading...
Need help?
General
