SONICWALL SONICOS STANDARD 3.0 ADMINISTRATORS GUIDE
CHAPTER 32: Configuring Advanced Rule Options
Detection Prevention

Enable Stealth Mode

By default, the SonicWALL security appliance responds to incoming connection requests as either
“blocked” or “open”. If you enable Stealth Mode, your SonicWALL security appliance does not
respond to blocked inbound connection requests. Stealth Mode makes your SonicWALL security
appliance essentially invisible to hackers.

Randomize IP ID

Select Randomize IP ID to prevent hackers using various detection tools from detecting the presence
of a SonicWALL security appliance. IP packets are given random IP IDs, which makes it more difficult
for hackers to “fingerprint” the SonicWALL security appliance.
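
One way to check the effect of Randomize IP ID is to read the IP Identification values out of a packet capture of traffic from the appliance and see whether they still follow a counter. The following is an added example, not SonicWALL code; the function names, the `small_step` threshold and the sample values are assumptions constructed for illustration.

```python
# Added example: classify IPv4 Identification values taken from a packet capture.
MOD = 1 << 16  # the IP ID header field is 16 bits wide and wraps at 65536


def deltas(ip_ids):
    """Forward differences between consecutive IP IDs, modulo 2**16."""
    return [(b - a) % MOD for a, b in zip(ip_ids, ip_ids[1:])]


def byteswap(value):
    """Swap the two bytes of a 16-bit value."""
    return ((value & 0xFF) << 8) | (value >> 8)


def classify(ip_ids, small_step=64):
    """Label a sequence of IP IDs observed from one host, in capture order.

    small_step is an assumed threshold: a shared counter may skip a few
    values between the packets that happened to be captured.
    """
    if len(ip_ids) < 4:
        raise ValueError("need at least 4 samples to judge a sequence")
    raw = deltas(ip_ids)
    if all(d == 0 for d in raw):
        return "constant"
    if all(0 < d <= small_step for d in raw):
        return "incremental"  # a counter: the next value is predictable
    swapped = deltas([byteswap(v) for v in ip_ids])
    if all(0 < d <= small_step for d in swapped):
        return "byteswapped-incremental"  # a counter sent in the wrong byte order
    return "unpredictable"  # the outcome expected with Randomize IP ID selected


# Constructed sample values, not captured from a real appliance.
SAMPLES = {
    "sequential counter": [4660, 4661, 4663, 4664, 4667, 4668],
    "counter wrapping at 65535": [65533, 65535, 0, 2, 3],
    "no visible pattern": [51344, 1207, 30991, 64002, 17755, 40318],
}

if __name__ == "__main__":
    for label, ids in SAMPLES.items():
        print(f"{label}: {classify(ids)}")
```
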

Dynamic Ports

• Select Enable support for Oracle (SQLNet) if you have Oracle applications on your network.
• Select Enable Support for Windows Messenger if you are having problems using Windows
Messenger and Windows XP through the SonicWALL security appliance. If Enable Support for
Windows Messenger is selected, it may affect the performance of the SonicWALL security
appliance.
• Select Enable RTSP Transformations to support on-demand delivery of real-time data, such as
audio and video. RTSP (Real Time Streaming Protocol) is an application-level protocol for control
over delivery of data with real-time properties.

Source Routed Packets

Drop Source Routed Packets is selected by default. Clear the check box if you are testing traffic
between two specific hosts and you are using source routing.

TCP Connection Inactivity Timeout

If a connection to a remote server remains idle for more than five minutes, the SonicWALL security
appliance closes the connection. Without this timeout, Internet connections could stay open
indefinitely, creating potential security holes. You can increase the Inactivity Timeout if applications,
such as Telnet and FTP, are frequently disconnected.

TCP Checksum Validation

Select Enable TCP checksum validation to have the SonicWALL security appliance validate TCP
checksums for error checking.

Access Rule Service Options

Force inbound and outbound FTP data connections to use default port: 20 - The default
configuration allows FTP connections from port 20 but remaps outbound traffic to a port such as 1024.
If the check box is selected, any FTP data connection through the security appliance must come from
port 20 or the connection is dropped. The event is then logged on the security appliance.