2 intrusion log, 3 black list – D-Link DRO-210i User Manual

Firewall

Dlink DRO-210i User Guide

48

7.2.2 Intrusion Log

When traffic matches an Intrusion signature and is blocked by the IDS engine, the
blocking event is recorded in the Intrusion Detection Log.

Select Status →

→

→

→

Log Tables →

→

→

→

Intrusion Log to view the Intrusion Log Table as

explained below.

Intrusion Log Table

Intrusion Time

Displays the time when the intrusion happened.

Intrusion Type

Displays a brief statement of the type of intrusion that was attempted.
The router’s firewall can detect following attacks - SYN Flooding , TCP
Hijacking, LAND Attack, WinNuke/OOBNuke, Christmas Tree SYN /
FIN (Jackal), SYN / FIN (zero-sized DNS zone payload), BackOffice,
NetBus, Smurf, Tear Drop, ICMP Flooding.

Source: port

Displays the source IP address and the TCP/UDP port that the intrusion
was attempted from.

Destination: port

Displays the destination IP address and the TCP/UDP port that the
intrusion was attempted to.

7.2.3 Black List

This list shows the blacklist of intruders in the "Intruder Blacklist" which are
automatically blocked as soon as they are detected.

Select Status →

→

→

→

Log Tables →

→

→

→

Black List to view the Black List Table as explained

below.

Black List Table

Source IP

Displays the source IP address that was blacklisted.

Destination IP

Displays the destination IP that was blacklisted.

Destination
Port/Transport Type

Displays the destination port and transport type of the blacklisted packet.

Blocking Duration

Displays the time of blocking in seconds.

Press Delete button for unblock the corresponding entry.

Web UI

Web UI