Manuals / Atlantis Land / Computer Equipment / Network Router

Atlantis Land A02-WRA4-54G Hacker attack types recognized by the IDS, Attack, Detect Parameter

Models: A02-WRA4-54G

1 75

Download 75 pages 25.52 Kb

Page 44

Hacker attack types recognized by the IDS

I-FLY WIRELESS ROUTER ADSL

•Scan Attack Block Duration: This is the duration for blocking hosts that attempt a possible Scan attack. Scan attack types include X’mas scan, IMAP SYN/FIN scan and similar attempts. Default value is 86400 seconds.

•Victim Protection Block Duration: This is the duration for blocking Smurf attacks. Default value is 600 seconds.

Victim Protection: If enabled, IDS will block Smurf attack attempts. Default is false.

Max TCP Open Handshaking Count: This is a threshold value to decide whether a SYN Flood attempt is occurring or not. Default value is 100 TCP SYN per seconds.

Max PING Count: This is a threshold value to decide whether an ICMP Echo Storm is occurring or not. Default value is 15 ICMP Echo Requests (PING) per second.

Max ICMP Count: This is a threshold to decide whether an ICMP flood is occurring or not. Default value is 100 ICMP packets per seconds except ICMP Echo Requests (PING).

For SYN Flood, ICMP Echo Storm and ICMP flood, IDS will just warn the user in the Event Log. It cannot protect against such attacks.

Hacker attack types recognized by the IDS

Attack	Detect Parameter	Blacklist	Type of Block	Drop	Show
			Duration	Packet	Log
Ascend Kill	Ascend Kill	Src IP	DoS	Yes	Yes
Win Nuke	TCP, Port=135, 137-139	Src IP	DoS	Yes	Yes
	Flag:URG
Smurf	ICMP type 8	Dst IP	Victim	Yes	Yes
	Des IP is broadcast		Protection
Land Attack	SrcIP = DstIP			Yes	Yes
Echo/CharGen	UDP Echo Port and			Yes	Yes
Scan	CharGen Port
Echo Scan	UDP Dst Port =Echo(7)	Src IP	Scan	Yes	Yes
CharGen Scan	UDP Dst Port =CharGen(19)	Src IP	Scan	Yes	Yes
X’Mas Tree Scan	TCP Flag: X’mas	Src IP	Scan	Yes	Yes
IMAP SYN/FIN	TCP Flag: SYN/FIN	Src IP	Scan	Yes	Yes
Scan	DstPort: IMAP(143)

38

Image 44

Atlantis Land A02-WRA4-54G Hacker attack types recognized by the IDS, Attack, Detect Parameter, Blacklist, Type of Block

Contents

Page Page I-FLY WIRELESS ROUTER ADSL CopyrightCE Mark Warning Important Note1.4 I-FLY WIRELESS ROUTER ADSL APPLICATION 2.1 CAUTIONS FOR USING THE I-FLY WIRELESS ROUTER3.2 CONNECTING THE I-FLY WIRELESS ROUTER ADSL 1.2 PACKAGE CONTENTSI-FLY WIRELESS ROUTER ADSL 3.8.2.1.3 Wireless Security3.6.3.1 3.6.3.2SUPPORT I-FLY WIRELESS ROUTER ADSLAPPENDIX B Quality of Service and IP Throttling Easy Configuration and ManagementIntroduction ChapterIf any of the above items are missing, please contact your reseller 1.2 Package Contents1.3 I-Fly Wireless Router ADSL Features Universal Plug and Play UPnP and UPnP NAT Traversal This protocol is used to enable simple and robust connectivity among stand-alone devices and PCs from many different vendors. It makes network simple and affordable for users. UPnP architecture leverages TCP/IP and the Web to enable seamless proximity networking in addition to control and data transfer among networked devices Page 1.4 I-Fly Wireless Router ADSL Application I-FLY WIRELESS ROUTER ADSLUsing Wireless ADSL Router 2.1 Cautions for using the I-Fly Wireless Router ADSLPower Lit when power ONconnector ResetPower Switch 2.3 The Rear PortsConfiguration 3.1 Before Configuration3.2 Connecting the I-Fly Wireless Router ADSL Chapter3.3 Configuring PC in Windows For Windows 95/98/MEI-FLY WIRELESS ROUTER ADSL 5. Then select the DNS Configuration tabI-FLY WIRELESS ROUTER ADSL For Windows NT4.02. Select TCP/IP Protocol and click Properties For Windows 2. Double-click LAN Area Connection3. In the LAN Area Connection Status window, click Properties I-FLY WIRELESS ROUTER ADSL6. Click “OK” to finish the configuration 4. Select Internet Protocol TCP/IP and click PropertiesI-FLY WIRELESS ROUTER ADSL For Windows XP Network Connections 2. Double-click Local Area ConnectionI-FLY WIRELESS ROUTER ADSL 3. In the LAN Area Connection Status window, click PropertiesI-FLY WIRELESS ROUTER ADSL 4. Select Internet Protocol TCP/IP and click Properties3.4.2 LAN and WAN Port Addresses 3.4 Factory Default Settings3.4.1 Username and Password 3.6 Configuring with the Web Browser Enabled3.5 Information from the ISP WAN PortSave Config to FLASH ARP Table Wireless Association Routing Table DHCP Table PPTP Status3.6.1 STATUS Quick StartUPnP PortMap IPSec Status L2TP Email Status Event Log Error Log NAT SessionsEmails” in Configuration Advance 3.6.3 Configuration 3.6.2 Quick Start3.6.3.1 LAN LAN, WAN, System, Firewall, VPN, QoS,Virtual Server and Advanced3.6.3.1.2 Wireless 3.6.3.1.1 Ethernet3.8.2.1.3 Wireless Security ESSID Broadcast3.6.3.1.4 Port Settings WPA Pre Shared Key3.6.3.1.5 DHCP 3.6.3.2 WAN 3.6.3.2.1 ISPPPPoA Description User-definable name for the connectionPPPoE Routed I-FLY WIRELESS ROUTER ADSLRFC 1483 Bridge Ether Filter TypeAllows all types of ethernet packets through the port Allows only IP/ARP types of ethernet packets through the portRFC 1483 Routed/RFC1 1577IPoA I-FLY WIRELESS ROUTER ADSL3.6.3.2.3 ADSL 3.6.3.3 System3.6.3.2.2 DNS 3.6.3.3.2 Remote Access 3.6.3.3.1 Time Zone3.6.3.3.3 Firmware Upgrade 3.6.3.3.4 Backup / Restore3.6.3.4 Firewall Application ProtocolPort Firewall High3.6.3.4.1 Configuring Packet Filter 5. Input the port number and set the inbound & outbound as Allow I-FLY WIRELESS ROUTER ADSL3. Click Delete to delete the HTTP rule 4. Click Add TCP Filter 3.6.3.4.2 INTRUSION DETECTION Block DurationHacker attack types recognized by the IDS AttackDetect Parameter Blacklist3.6.3.4.3 MAC Filtering 3.6.3.4.4 URL FilteringSYN/FIN/RST/ACK Net Bus ScanDomains Filtering Restrict URL FeaturesKeywords Filtering Log information can be seen in the Status - Event Log after enabling 3.6.3.4.5 Firewall LogI-FLY WIRELESS ROUTER ADSL 3.6.3.5 VPN VPN - PPTPBackground of the Example An Example of Configuring a Remote Access PPTP VPN Dial-in ConnectionApplication Diagram Configuring PPTP VPN in the Office LAN Router Configuring PPTP VPN in Remote Side3. Enter the IP address of the ADSL Router located in the office Lan or Dynamic DNS name I-FLY WIRELESS ROUTER ADSL Application Diagram Configuring PPTP VPN in the Office Background of the ExamplePPTP Status An Example of Configuring a LAN-to-LAN PPTP VPN Connection Remote LANOffice LAN Product CodeConfiguring PPTP VPN in the Office Lan Configuring PPTP VPN in the Remote LanPPTP Status in the Office LAN I-FLY WIRELESS ROUTER ADSLVPN - IPSec LocalRemote ProposalMD5 A one-way hashing algorithm that produces a 128-bit hash Select the Apply button to update the settings An Example of Configuring a LAN-to-LAN IPSec VPN Connection AuthenticationVPN IPSec EncryptionI-FLY WIRELESS ROUTER ADSL Configuring IPSec VPN in the Office LANConfiguring IPSec VPN in the Remote LAN High 3.6.3.6 QoS3.6.3.6.1 Prioritization 3.6.3.6.2 IP Throttling I-FLY WIRELESS ROUTER ADSL3.6.3.7 Virtual Server 3.6.3.8 Advanced 3.6.3.8.1 Static Routing3.6.3.8.2 Dynamic DNS 3.6.3.8.3 Check EMails3.6.8.3.4 Device Management Embedded Web Server Universal Plug and Play UPnPTraps supported Cold Start, Authentication Failure Simple Network Management ProtocolSNMP Version SNMPv2c and SNMPv3 RFC1650 EtherLike-MIB dot3Stats3.6.4 Save Configuration to Flash 3.6.5 LogoutRFC 1474 PPP/Bridge MIB RFC1573 IfMIB ifMIBObjects Group RFC1695 atmMIB atmMIBObjectsTroubleshooting Problems Starting Up the ADSL Firewall RouterProblems with the WAN Interface Problems with the LAN InterfaceSpecification Technical FeaturesLED Indicators WirelessSupport APPENDIX BSupport Atlantis Land SpA Viale De Gasperi, 122 20017 Mazzo di RhoMII-FLY WIRELESS ROUTER ADSL