Configuring attack alert, 9 configuring attack alert – ZyXEL Communications Internet Security Gateway ZyWALL 2 Series User Manual

ZyWALL 2 Series User’s Guide

11-20

Firewall

Screens

Table 11-5 Predefined Services

SERVICE

DESCRIPTION

SMTP(TCP:25)

Simple Mail Transfer Protocol is the message-exchange standard for the
Internet. SMTP enables you to move messages from one e-mail server to
another.

SNMP(TCP/UDP:161)

Simple Network Management Program.

SNMP-
TRAPS(TCP/UDP:162)

Traps for use with the SNMP (RFC:1215).

SQL-NET(TCP:1521)

Structured Query Language is an interface to access data on many
different types of database systems, including mainframes, midrange
systems, UNIX systems and network servers.

SSH(TCP/UDP:22)

Secure Shell Remote Login Program.

STRM WORKS(UDP:1558)

Stream Works Protocol.

SYSLOG(UDP:514)

Syslog allows you to send system logs to a UNIX server.

TACACS(UDP:49)

Login Host Protocol used for (Terminal Access Controller Access Control
System).

TELNET(TCP:23)

Telnet is the login and terminal emulation protocol common on the Internet
and in UNIX environments. It operates over TCP/IP networks. Its primary
function is to allow users to log into remote host systems.

TFTP(UDP:69)

Trivial File Transfer Protocol is an Internet file transfer protocol similar to
FTP, but uses the UDP (User Datagram Protocol) rather than TCP
(Transmission Control Protocol).

VDOLIVE(TCP:7000)

Another videoconferencing solution.

11.9 Configuring Attack Alert

Attack alerts are the first defense against DOS attacks. In the Attack Alert screen, shown later, you may
choose to generate an alert whenever an attack is detected. For DoS attacks, the ZyWALL uses thresholds to
determine when to drop sessions that do not become fully established. These thresholds apply globally to all
sessions.

You can use the default threshold values, or you can change them to values more suitable to your security
requirements.