beautypg.com

PC Concepts Full-Rated Router ADSL2+ User Manual

Page 80

background image

79

z

Land Attack: Sending packets that use the same address as the source and

destination address

z

Ping of Death: Illegal IP packet length.

DoS Protection: Click the Enable radio button to use the following denial of service

protections:

Max Half open TCP Connection: Sets the percentage of concurrent IP sessions that can be

in the half-open state. In ordinary TCP communication, packets are in the half-open state only

briefly as a connection is being initiated; the state changes to active when packets are being

exchanged, or closed when the exchange is complete. TCP connections in the half-open state

can use up the available IP sessions. If the percentage is exceeded, then the half-open

sessions will be closed and replaced with new sessions as they are initiated.

Max ICMP Connection: Sets the percentage of concurrent IP sessions that can be used for

ICMP messages. If the percentage is exceeded, then older ICMP IP sessions will be replaced

by new sessions as the are initiated.

Max Single Host Connection: Sets the percentage of concurrent IP session that can originate

from a single computer. This percentage should take into account the number of hosts on the

LAN.

Log Destination: Specifies how attempted violations of the firewall settings will be tracked.

Records of such events can be sent via Ethernet to be handled by a system utility (Trace) or

can e-mailed to specified administrators.

E-mail ID of Admin 1/2/3: Specifies the e-mail addresses of the administrators who should

receive notices of any attempted firewall violations. Type the addresses in standard internet

e-mail address format, e.g., [email protected].

5.7.4 IP

Filter

The IP filter feature enables you to create rules that control the forwarding of incoming

and outgoing data between your LAN and the Internet and within your LAN.

You can create IP filter rules to block attempts by certain computers on your LAN to access

certain types of data or Internet locations. You can also block incoming access to computers

on your LAN.

See also other documents in the category PC Concepts Hardware: