Atlantis Land A02-WRA4-54G manual Hacker attack types recognized by the IDS

Page 44

I-FLY WIRELESS ROUTER ADSL

Scan Attack Block Duration: This is the duration for blocking hosts that attempt a possible Scan attack. Scan attack types include X’mas scan, IMAP SYN/FIN scan and similar attempts. Default value is 86400 seconds.

Victim Protection Block Duration: This is the duration for blocking Smurf attacks. Default value is 600 seconds.

Victim Protection: If enabled, IDS will block Smurf attack attempts. Default is false.

Max TCP Open Handshaking Count: This is a threshold value to decide whether a SYN Flood attempt is occurring or not. Default value is 100 TCP SYN per seconds.

Max PING Count: This is a threshold value to decide whether an ICMP Echo Storm is occurring or not. Default value is 15 ICMP Echo Requests (PING) per second.

Max ICMP Count: This is a threshold to decide whether an ICMP flood is occurring or not. Default value is 100 ICMP packets per seconds except ICMP Echo Requests (PING).

For SYN Flood, ICMP Echo Storm and ICMP flood, IDS will just warn the user in the Event Log. It cannot protect against such attacks.

Hacker attack types recognized by the IDS

Attack

Detect Parameter

Blacklist

Type of Block

Drop

Show

 

 

 

Duration

Packet

Log

Ascend Kill

Ascend Kill

Src IP

DoS

Yes

Yes

Win Nuke

TCP, Port=135, 137-139

Src IP

DoS

Yes

Yes

 

Flag:URG

 

 

 

 

Smurf

ICMP type 8

Dst IP

Victim

Yes

Yes

 

Des IP is broadcast

 

Protection

 

 

Land Attack

SrcIP = DstIP

 

 

Yes

Yes

Echo/CharGen

UDP Echo Port and

 

 

Yes

Yes

Scan

CharGen Port

 

 

 

 

Echo Scan

UDP Dst Port =Echo(7)

Src IP

Scan

Yes

Yes

CharGen Scan

UDP Dst Port =CharGen(19)

Src IP

Scan

Yes

Yes

X’Mas Tree Scan

TCP Flag: X’mas

Src IP

Scan

Yes

Yes

IMAP SYN/FIN

TCP Flag: SYN/FIN

Src IP

Scan

Yes

Yes

Scan

DstPort: IMAP(143)

 

 

 

 

38

Image 44
Contents Page Page Important Note CopyrightCE Mark Warning Table of Contents 3.1 Appendix B Quality of Service and IP Throttling Easy Configuration and ManagementAn Overview of the Adsl Firewall Router Broadband Sharing and IP sharingPackage Contents Fly Wireless Router Adsl FeaturesFLY Wireless Router Adsl Page Fly Wireless Router Adsl Application Front LEDs Lit when there is a PPPoA/PPPoE connectionLit when successfully connected to an Adsl Dslam Rear Ports CablingBefore Configuration Connecting the I-Fly Wireless Router AdslConfiguring PC in Windows For Windows 95/98/MEFLY Wireless Router Adsl For Windows NT4.0 For Windows Click OK to finish the configuration For Windows XP FLY Wireless Router Adsl LAN and WAN Port Addresses Factory Default SettingsUsername and Password Configuring with the Web Browser Information from the ISPQuick Start Save Config to FlashStatus Emails in Configuration Advance 3.1 LAN ConfigurationQuick Start Wireless EthernetWireless Security Essid BroadcastPort Settings WPA Pre Shared KeyDhcp 3.2 WAN 3.2.1 ISPPPPoA PPPoE Routed Allows all types of ethernet packets through the port RFC 1483 BridgeEther Filter Type RFC 1483 Routed/RFC1 1577IPoA System 3.2.2 DNS AdslRemote Access Time ZoneFirmware Upgrade Backup / RestoreFirewall HTTP80 DNSFTP21 Telnet23Configuring Packet Filter FLY Wireless Router Adsl Intrusion Detection Block DurationHacker attack types recognized by the IDS MAC Filtering URL FilteringDomains Filtering Restrict URL FeaturesKeywords Filtering Firewall Log 3.5 VPN VPN PptpApplication Diagram Background of the ExampleConfiguring Pptp VPN in the Office LAN Router Configuring Pptp VPN in Remote SideFLY Wireless Router Adsl FLY Wireless Router Adsl Application Diagram Configuring Pptp VPN in the Office Pptp Status An Example of Configuring a LAN-to-LAN Pptp VPN Connection Application Diagram Remote LAN Office LAN Product CodePicture Public IP Subnet MaskConfiguring Pptp VPN in the Office Lan Configuring Pptp VPN in the Remote LanPptp Status in the Office LAN VPN IPSec LocalRemote ProposalFLY Wireless Router Adsl FLY Wireless Router Adsl An Example of Configuring a LAN-to-LAN IPSec VPN Connection FLY Wireless Router Adsl 3.6 QoS PrioritizationHigh LowIP Throttling Virtual Server Advanced Static RoutingDynamic DNS Check EMailsDevice Management Embedded Web Server Universal Plug and Play UPnPTraps supported Cold Start, Authentication Failure Simple Network Management ProtocolSnmp Version SNMPv2c and SNMPv3 RFC 1471 PPP/LCP MIBRFC 1474 PPP/Bridge MIB Save Configuration to FlashLogout Problems Starting Up the Adsl Firewall Router Problems with the WAN InterfaceProblems with the LAN Interface Problem Corrective ActionTechnical Features Support SupportFLY Wireless Router Adsl