
Chapter 8 Security
Click Security > Firewall > DDOS to open this screen as shown next.
Figure 70 DDOS Screen
This screen contains the following fields:
Table 52 DDOSLABEL | DESCRIPTION |
Prevent from TCP | Select this to monitor for and block TCP SYN flood attacks. |
SYN Flood | A SYN flood is one type of denial of service attack where an overwhelming |
| |
| number of SYN requests assault a client device. |
|
|
Prevent from UDP | Select this to monitor for and block UDP flood attacks. |
Flood | An UDP flood is a type of denial of service attack where an overwhelming |
| |
| number of UDP packets assault random ports on a client device. Because the |
| device is forced to analyze and respond to each packet, it quickly becomes |
| unreachable to other devices. |
|
|
Prevent from | Select this to monitor for and block ICMP flood attacks. |
ICMP Flood | An ICMP flood is a type of denial of service attack where an overwhelming |
| |
| number of ICMP ping assault a client device, locking it down and preventing it |
| from responding to requests from other servers. |
|
|
Prevent from Port | Select this to monitor for and block port scan attacks. |
Scan | A port scan attack is typically the precursor to a |
| |
| attack wherein each port on a device is probed for security holes that can be |
| exploited. Once a security flaw is discovered, an attacker can initiate the |
| appropriate denial of service attack or intrusion attack against the client device. |
|
|
Prevent from | Select this to monitor for and block LAND attacks. |
LAND Attack | A Local Area Network Denial (LAND) attack is a type of denial of service attack |
| |
| where a spoofed TCP SYN packet targets a client device’s IP address and forces it |
| into an infinite recursive loop of querying itself and then replying, effectively |
| locking it down. |
|
|
Prevent from IP | Select this to monitor for and block IP address spoof attacks. |
Spoof | An IP address spoof is an attack whereby the source IP address in the incoming |
| |
| IP packets allows a malicious party to masquerade as a legitimate user and gain |
| access to the client device. |
|
|
Prevent from | Select this to monitor for and block ICMP redirect attacks. |
ICMP redirect | An ICMP redirect attack is one where forged ICMP redirect messages can force |
| |
| the client device to route packets for certain connections through an attacker’s |
| host. |
|
|
128 |
|
WiMAX Device Configuration User’s Guide | |
|
|