Chapter 5 Advanced Configuration / Network Management
63
create a firewall policy to protect your network against the
following attack types and port scans:
Attacks Port Scan s
Ping of D eath Attack
Tear Drop Attack
IP Spoof ing Attack
Smurf Att ack
Land Atta ck
Fragmenta tion Scan
UDP Scan
ICMP Scan
TCP Sessi on Scan
Xmas Scan
Null Scan
RST Scan
SYNACK Sc an
FIN Scan
ACK Scan
You can also choose to Enable or Disable protection against
various denial-of-service type attacks with the DOS Protection
option.
A "de nial-of-service" attack is characterized by an explicit
attempt by attackers to prevent legitimate users of a service
from using that service. Examples include: attempts to "flood" a
network, thereby preventing legitimate network traffic, attempts
to disrupt connections between two machines, thereby
preventing access to a service, attempts to p revent a particular
individual from accessing a service, or, attemp ts to disrupt
service to a specific system or person.
The Service F iltering options allow you to block FTP, Telnet or
response to Pings from the external network. Check the
category you want to block to enable filtering of that type of
packet.
When you have selected the desired Firewall policies, click the
Apply b utton to enforce the policies. Remember to save any
configuration changes.