AirLive RS-2000 User Manual
Page 36
35
【
UDP Flood Threshold( Per Source IP) Pkts/Sec】: The System Administrator
can enter the maximum number of UDP packets per second from attacking
source IP Address that is allow to enter the network/Bandwidth Manager.
【
UDP Flood Threshold Blocking Time ( Per Source IP) Seconds】: The
System Administrator can enter the blocking time when the number of UDP
packets per second from attacking source IP Address that is allow to enter
the network/Bandwidth Manager exceed the maximum number (define as
above). After blocking for certain seconds, the device will start to calculate
the max number of UDP packets per second from attacking source IP
Address, if the max number still exceed the define value, it will block the
attacking IP Address continuously.
!
Detect Ping of Death Attack: Select this option to detect the attacks of tremendous
trash data in PING packets that hackers send to cause System malfunction This
attack can cause network speed to slow down, or even make it necessary to restart
the computer to get a normal operation.
!
Detect IP Spoofing Attack: Select this option to detect spoof attacks. Hackers
disguise themselves as trusted users of the network in Spoof attacks. They use a
fake identity to try to pass through the Bandwidth Manager System and invade the
network.
!
Detect Port Scan Attack: Select this option to detect the port scans hackers use to
continuously scan networks on the Internet to detect computers and vulnerable ports
that are opened by those computers.
!
Detect Tear Drop Attack: Select this option to detect tear drop attacks. These are
packets that are segmented to small packets with negative length. Some Systems
treat the negative value as a very large number, and copy enormous data into the
System to cause System damage, such as a shut down or a restart.
!
Filter IP Source Route Option: Each IP packet can carry an optional field that
specifies the replying address that can be different from the source address
specified in packet’s header. Hackers can use this address field on disguised
packets to invade LAN networks and send LAN networks’ data back to them.