Справочник Пользователя для Avira antivir network bundle 2012
Reference: Configuration options
Avira Professional Security - User Manual (Status: 23 Sep. 2011)
140
ICMP protocol
The Internet Control Message Protocol (ICMP) is used to exchange error and information
messages on networks. The protocol is also used for status messages with ping or tracer.
With this rule, you can define the incoming and outgoing blocked message types, the
behavior in case of flooding and the reaction to fragmented ICMP packets. This rule
serves for preventing so-called ICMP flood attacks, which results in an increase of the
CPU load of the attacked machine as it responds to every packet.
messages on networks. The protocol is also used for status messages with ping or tracer.
With this rule, you can define the incoming and outgoing blocked message types, the
behavior in case of flooding and the reaction to fragmented ICMP packets. This rule
serves for preventing so-called ICMP flood attacks, which results in an increase of the
CPU load of the attacked machine as it responds to every packet.
Predefined rules for the ICMP protocol
Setting
Rules
Low
Incoming blocked types: no type.
Outgoing blocked types: no type.
Assume flooding if delay between packets is less
than 50 ms.
than 50 ms.
Reject fragmented ICMP packets.
Medium
Same rule as for the low level.
High
Incoming blocked types: several types
Outgoing blocked types: several types
Assume flooding if delay between packets is less
than 50 ms.
than 50 ms.
Reject fragmented ICMP packets.
Incoming blocked types: no types/several types
With a mouse click on the link a list of ICMP packet types is displayed. From this list
you can specify the desired incoming ICMP message types you want to block.
you can specify the desired incoming ICMP message types you want to block.