Page 51 / 82 Scroll up to view Page 46 - 50
TL-R480T
SMB Broadband Router User Guide
45
Port Scan -
During the specific time, if a computer (identified by a particular source IP
address) transmits TCP SYN packets to another computer's (identified by a destination
IP address) ten different ports, then the source IP address will be deemed to make Port
Attacks. And the Router will start up the blocking function immediately.
IP Snoop -
If you select this option, the Router will monitor whether the packets from the
particular region is doing IP deceive. In the event, the Router will start up the blocking
function immediately. Note: The function takes effect only when the Region is LAN.
¾
DoS Attack Defence
ICMP Flood
-
-
During a second, if a destination IP addresses receives many packets,
and the number of these packets exceeds the prescript value, then the destination IP will
be deemed to suffering from ICMP Flood Attack. And the Router will start up the blocking
function immediately.
UDP Flood -
During a second, if a particular port of a destination IP addresses receives
many packets, and the number of these packets exceeds the prescript value, then the
Port will be deemed to suffering from UDP Flood Attack. And the Router will start up the
blocking function immediately.
SYN Flood -
During a second, if a particular port of a destination IP addresses receives
many TCP SYN packets, and the number of these packets exceeds the prescript value,
then the Port will be deemed to suffering from SYN Flood Attack. And the Router will
start up the blocking function immediately.
Land Attack
-
This is an attack combining Flood attack and IP spoofing. When the
attackers send the spoof SYN datagram which including the casualty's IP address and
make it the destination and source IP addreess, the LAND attack happens. And the
Router will start up the blocking function immediately.
WinNuke -
WinNuke is a Dos attack for any Windows computers runing in the internet.
The attackers send the TCP fragment (usually sets the emergent field to the Net BIOS'S
139 port) to the connection established computers. So the NetBIOS fragments created
and make the Windows computers collapse. And the Router will start up the blocking
function immediately.
¾
Dubious Packet Defence
Large ICMP packet:
The normal ICMP packets are very short, there normal length is
shorter than 1024 Bytes. If the ICMP packets' length is larger than 1024 Bytes, then they
will be considered as large ICMP packets. And the Router will start up the blocking
function immediately.
TCP packet without Flag:
The normal TCP packets contain flag in the packet header,
or else the packets will be considered as abnormal dubious packets. And the Router will
start up the blocking function immediately.
TCP packet with both SYN and FIN:
The TCP packets which have both SYN and FIN
settings in the packets header will be considered as abnormal TCP packets. And the
Router will start up the blocking function immediately.
TCP packet with FIN but without ACK:
The TCP packets that contains FIN but without
Page 52 / 82
TL-R480T
SMB Broadband Router User Guide
46
ACK is considered as abnormal. And the Router will start up the blocking function
immediately.
Unknow Protocol
-
In IP head the protocol type field, 135 and the value bigger than 135
is reserved and undefined. Because the protocols are undefined, we can not predict a
specifically unknow protocol is well-meaning or baleful. To these nonstandard protocols,
the carefully attitude is the best way to prevent them interning into the protected network.
¾
Packet Defence with IP option
IP Timestamp Option:
If you select this option, the Router will monitor whether the IP
packets from the particular region contain the field of Internet Timestamp. In the event,
the Router will start up the blocking function immediately.
IP Security Option:
If you select this option, the Router will monitor whether the IP
packets from the particular region contain the field of Security. In the event, the Router
will start up the blocking function immediately.
IP Stream Option:
If you select this option, the Router will monitor whether the IP
packets from the particular region contain the field of of Stream ID. In the event, the
Router will start up the blocking function immediately.
IP Record Route Option:
If you select this option, the Router will monitor whether the IP
packets from the particular region contain the field of Record Route. In the event, the
Router will start up the blocking function immediately.
IP Loose Source Route Option:
If you select this option, the Router will monitor
whether the IP packets from the particular region contain the field of Loose Source Route.
In the event, the Router will start up the blocking function immediately.
IP Strict Source Route Option:
If you select this option, the Router will monitor whether
the IP packets from the particular region contain the field of Strict Source Route. In the
event, the Router will start up the blocking function immediately.
Invalid IP option:
If you select this option, the Router will monitor whether the IP
packets from the particular region is integrated or right. In the event, the Router will start
up the blocking function immediately.
4.7
Static Routing
Choose menu “
Static Routing
”, you can configure the static route in the next screen (shown in
Figure 4-38). A static route is a pre-determined path that network information must travel to reach
a specific host or network.
Page 53 / 82
TL-R480T
SMB Broadband Router User Guide
47
Figure 4-38
¾
Destination IP Address
-
The “Destination IP Address” is the address of the network or host
that you want to assign to a static route.
¾
Subnet Mask
-
The “Subnet Mask” determines which portion of an IP address is the network
portion, and which portion is the host portion.
¾
Default Gateway
-
This is the IP address of the gateway device that allows for contact
between the router and the network or host.
¾
Status
-
This field displays the status,
Enabled
means the rule is effective,
Disabled
means
the rule is ineffective.
To add/modify a static routing entry:
Step 1:
Click
Add New…
/
Modify
shown in Figure 4-38, you will see a new screen shown in
Figure 4-39.
Step 2:
Enter the appropriate Destination IP Address, Subnet Mask and Default Gateway, and
then select the status.
Figure 4-39
Step 3:
Click
Save
to make the entry take effect.
)
Note:
If you want to add more than one static route, please go to
step 1
to continue.
Other configurations for the entries as shown in Figure 4-28:
Page 54 / 82
TL-R480T
SMB Broadband Router User Guide
48
Click the
Delete
button to delete the entry.
Click the
Enable All
button to enable all the entries.
Click the
Disable All
button to disable all the entries.
Click the
Delete All
button to delete all the entries.
Click the
Previous
button to view the information in the previous screen,
click the
Next
button to
view the information in the next screen.
4.8
Session Limit
Choose menu “
Session Limit
”, you can see the submenus under the main menu:
Figure 4-40
Click any of them, and you will be able to configure the corresponding function. The detailed
explanations for each submenu are provided below.
4.8.1
Session Limit
Choose menu “
Session Limit
Session Limit
”, you can view and configure the session limits in
the next screen. For conveniently control the connections of the computers in the LAN, you can
set the max number of connections for different computers.
Figure 4-41
¾
Enable:
Enable or disable the session limit. Only after choose "Enable", the configuration will
take effect.
¾
LAN IP address:
The controlled computer's IP address. You can input an range of IP
address, for example: 192.168.1.20 -192.168.1.30. You can also input an IP address, such
as:192.168.1.40.
¾
Max Session:
The max connections of the computer.
To add/modify a session limit entry:
Step 1:
Click
Add New…
/
Modify
shown in Figure 4-41, you will see a new screen shown in
Page 55 / 82
TL-R480T
SMB Broadband Router User Guide
49
Figure 4-42.
Step 2:
Enter the appropriate LAN IP Address, Max Session and then select the status.
Figure 4-42
Step 3:
Click the
Save
button.
4.8.2
Session List
Choose menu “
Session Limit
Session List
”, you can view the the information about the
number of connection.
Figure 4-43
)
Note:
You can click the
Refresh
to update the information.
4.9
QoS
Choose menu “
QoS
”, you can see the submenus under the main menu:
Figure 4-44
Click any of them, and you will be able to configure the corresponding function. The detailed
explanations for each submenu are provided below.

Rate

3.5 / 5 based on 2 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top