Draytek VIGOR 2700GE/E User Manual

Page 53

background image

Vigor2700Ge/e User’s Guide

48

SYN packets with the identical source and destination addresses, as
well as the port number to victims.

Block Unknown
Protocol

Check the box to activate the Block Unknown Protocol function.
Individual IP packet has a protocol field in the datagram header to
indicate the protocol type running over the upper layer. However,
the protocol types greater than 100 are reserved and undefined at
this time. Therefore, the router should have ability to detect and
reject this kind of packets.

Warning Messages

We provide Syslog function for user to retrieve message from Vigor
router. The user, as a Syslog Server, shall receive the report sending
from Vigor router which is a Syslog Client. (Refer to Chapter 13
System Maintenance Syslog Access Setup for detail information.)

All the warning messages related to DoS defense will be sent to user
and user can review it through Syslog daemon. Look for the keyword
DoS in the message, followed by a name to indicate what kind of
attacks is detected.

3

3

.

.

4

4

.

.

7

7

U

U

R

R

L

L

C

C

o

o

n

n

t

t

e

e

n

n

t

t

F

F

i

i

l

l

t

t

e

e

r

r

Based on the list of user defined keywords, the URL Content Filter facility in Vigor router
inspects the URL string in every outgoing HTTP request. No matter the URL string is found
full or partial matched with a keyword, the Vigor router will block the associated HTTP
connection.

For example, if you add key words such as “sex”, Vigor router will limit web access to web
sites or web pages such as “www.sex.com”, ”www.backdoor.net/images/sex/p_386.html”. Or
you may simply specify the full or partial URL such as “www.sex.com” or “sex.com”.

Also the Vigor router will discard any request that tries to retrieve the malicious code.

Click Firewall and click URL Content Filter to open the setup page.