detecting this malicious exploration behavior by monitoring the

 

port-scanning Threshold rate, the Vigor router will send out a

 

warning. By default, the Vigor router sets the threshold as 150

 

packets per second.

Block IP options

Check the box to activate the Block IP options function. The Vigor

 

router will ignore any IP packets with IP option field in the

 

datagram header. The reason for limitation is IP option appears to

 

be a vulnerability of the security for the LAN because it will carry

 

significant information, such as security, TCC (closed user group)

 

parameters, a series of Internet addresses, routing messages...etc.

 

An eavesdropper outside might learn the details of your private

 

networks.

Block Land

Check the box to enforce the Vigor router to defense the Land

 

attacks. The Land attack combines the SYN attack technology with

 

IP spoofing. A Land attack occurs when an attacker sends spoofed

 

SYN packets with the identical source and destination addresses, as

 

well as the port number to victims.

Block Smurf

Check the box to activate the Block Smurf function. The Vigor

 

router will ignore any broadcasting ICMP echo request.

Block trace router

Check the box to enforce the Vigor router not to forward any trace

 

route packets.

Block SYN fragment

Check the box to activate the Block SYN fragment function. The

 

Vigor router will drop any packets having SYN flag and more

 

fragment bit set.

Block Fraggle Attack

Check the box to activate the Block fraggle Attack function. Any

 

broadcast UDP packets received from the Internet is blocked.

 

Activating the DoS/DDoS defense functionality might block some

 

legal packets. For example, when you activate the fraggle attack

 

defense, all broadcast UDP packets coming from the Internet are

 

blocked. Therefore, the RIP packets from the Internet might be

 

dropped.

Block TCP flag scan

Check the box to activate the Block TCP flag scan function. Any

 

TCP packet with anomaly flag setting is dropped. Those scanning

 

activities include no flag scan, FIN without ACK scan, SYN FINscan,

 

Xmas scan and full Xmas scan.

Block Tear Drop

Check the box to activate the Block Tear Drop function. Many

 

machines may crash when receiving ICMP datagrams (packets) that

 

exceed the maximum length. To avoid this type of attack, the Vigor

 

router is designed to be capable of discarding any fragmented ICMP

 

packets with a length greater than 1024 octets.

Block Ping of Death

Check the box to activate the Block Ping of Death function. This

 

attack involves the perpetrator sending overlapping packets to the

 

target hosts so that those target hosts will hang once they

 

re-construct the packets. The Vigor routers will block any packets

 

realizing this attacking activity.

Block ICMP Fragment Check the box to activate the Block ICMP fragment function. Any ICMP packets with more fragment bit set are dropped.

Block Land

Check the box to enforce the Vigor router to defense the Land

 

attacks. The Land attack combines the SYN attack technology with

52

Vigor2800 Series User’s Guide

Page 55 Page 57
Page 56
Image 56
Draytek 2800 Series Block IP options, Block Land, Block Smurf, Block trace router, Block SYN fragment, Block TCP flag scan
Page 55 Page 57

2800 Series specifications

The Draytek 2800 series is a robust solution in the realm of networking, catering primarily to small and medium-sized enterprises (SMEs). This series provides essential features for those looking to establish reliable and secure connectivity. With its advanced technology, it positions itself as an excellent choice for businesses needing to manage their network capabilities efficiently.

One of the standout features of the Draytek 2800 series is its support for various WAN connections. Businesses can opt for ADSL, ADSL2+, or Ethernet connections, allowing them flexibility depending on their internet service capabilities. This versatility ensures that users can select the most appropriate setup based on the local infrastructure.

In terms of security, the Draytek 2800 series is equipped with robust firewalls, including stateful packet inspection and DoS protection. This ensures that the network remains protected from potential threats. Additionally, it offers VPN capabilities, enabling secure remote access for employees working from different locations. The support for multiple VPN protocols, such as PPTP and L2TP, allows for secure and versatile connections.

The series also features an integrated, 4-port Ethernet switch, simplifying the task of connecting multiple devices within a local area network. This encourages seamless communication and data sharing among connected devices. Furthermore, the Draytek 2800 series supports Quality of Service (QoS) capabilities, which allows businesses to prioritize bandwidth for critical applications, ensuring that high-demand services such as VoIP and video conferencing operate smoothly without interruptions.

Another characteristic is its web-based management interface, which simplifies network administration. IT professionals can easily configure and monitor the router settings without needing extensive technical expertise. The series also supports dynamic DNS, which is crucial for businesses that require consistent access to their networks through domain names rather than constantly changing IP addresses.

Additionally, the Draytek 2800 series is designed for scalability, allowing businesses to expand their network as needed without significant overhauls. This flexibility ensures that the system can grow alongside the business.

In summary, the Draytek 2800 series combines advanced features, reliable performance, and enhanced security, making it a preferred choice for SMEs looking to build a solid networking foundation. Its flexibility, security features, and user-friendly management tools provide a comprehensive networking solution that meets the needs of modern businesses.
Top Page Image Contents