ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual
Firewall Protection and Content Filtering
4-11
v1.0, September 2007
.
Attack Checks
The Attack Check screen allows you to specify if the router should be protected against common
attacks from the LAN and WAN networks. The various types of attack checks are defined below.
To access the Attack Check screen:
1.
Select Security > Firewall Rules and click the
Attack Checks
tab. The Attack Checks screen
will display.
2.
Select the Attack Check types you want to enable. Descriptions of the various Attack Check
types are described in the following table.
3.
Click
Apply
to save your settings.
Note:
For security, NETGEAR strongly recommends that you avoid using the Default
DMZ Server feature. When a computer is designated as the Default DMZ Server, it
loses much of the protection of the firewall, and is exposed to many exploits from
the Internet. If compromised, the computer can be used to attack your network.
Attack Check Type
Description
WAN Security Checks
Respond to Ping On
Internet Port
To configure the router to respond to an ICMP Echo (ping) packet coming
in from the WAN side, check this box. This setting is usually used as a
diagnostic tool for connectivity problems. It is recommended that the
option be disabled at other times to prevent hackers from easily
discovering the router via a ping.
Enable Stealth Mode
If Stealth Mode is enabled, the router will not respond to port scans from
the WAN, which makes it less susceptible to discovery and attacks.
Block TCP Flood
If this option is enabled, the router will drop all invalid TCP packets and be
protected protect from a SYN flood attack.
LAN Security Checks
Block UDP Flood
If this option is enabled, the router will not accept more than 20
simultaneous, active UDP connections from a single computer on the
LAN.