Справочник Пользователя для ASUS rx3041h
Chapter 2. Getting to Know the RX3041H
RX3041H User’s Manual
6
that no ports need to be opened other than the required ones. This provides a solution which is highly secure
and that offers scalability and extensibility.
and that offers scalability and extensibility.
2.4.1.4
Defense against DoS Attacks
The RX3041H Firewall has an Attack Defense Engine that protects internal networks from known types of
Internet attacks. It provides automatic protection from Denial of Service (DoS) attacks such as SYN flooding,
IP smurfing, LAND, Ping of Death and all re-assembly attacks. It can drop ICMP redirects and IP loose/strict
source routing packets. For example, the RX3041H Firewall provides protection from “WinNuke”, a widely
used program to remotely crash unprotected Windows systems in the Internet. The RX3041H Firewall also
provides protection from a variety of common Internet attacks such as IP Spoofing, Ping of Death, Land Attack,
Reassembly and SYN flooding.
Internet attacks. It provides automatic protection from Denial of Service (DoS) attacks such as SYN flooding,
IP smurfing, LAND, Ping of Death and all re-assembly attacks. It can drop ICMP redirects and IP loose/strict
source routing packets. For example, the RX3041H Firewall provides protection from “WinNuke”, a widely
used program to remotely crash unprotected Windows systems in the Internet. The RX3041H Firewall also
provides protection from a variety of common Internet attacks such as IP Spoofing, Ping of Death, Land Attack,
Reassembly and SYN flooding.
The type of attack protections provided by the RX3041H are listed in Table 2.3.
Table 2.3. DoS Attacks
Type of Attack
Name of Attacks
Re-assembly attacks
Bonk, Boink, Teardrop (New Tear),
Overdrop, Opentear, Syndrop, Jolt
Overdrop, Opentear, Syndrop, Jolt
ICMP Attacks
Ping of Death, Smurf, Twinge
Flooders
ICMP Flooder, UDP Flooder, SYN
Flooder
Flooder
Port Scans
TCP XMAS Scan, TCP Null Scan
TCP SYN Scan, TCP Stealth Scan
TCP SYN Scan, TCP Stealth Scan
TCP Attacks
TCP sequence number prediction, TCP
out-of sequence attacks
out-of sequence attacks
Protection with PF Rules
Echo-Chargen, Ascend Kill
Miscellaneous Attacks
IP Spoofing, LAND, Targa, Tentacle
MIME Flood, Winnuke, FTP Bounce, IP
unaligned time stamp attack
MIME Flood, Winnuke, FTP Bounce, IP
unaligned time stamp attack
2.4.1.5 Application
Command
Filtering
The RX3041H Firewall allows network administrators to block, monitor, and report on network users access to
non-business and objectionable content. This high-performance content access control results in increased
productivity, lower bandwidth usage and reduced legal liability.
non-business and objectionable content. This high-performance content access control results in increased
productivity, lower bandwidth usage and reduced legal liability.
The RX3041H Firewall has the ability to handle active content filtering on certain application protocols such as
HTTP, FTP, SMTP and RPC.
HTTP, FTP, SMTP and RPC.
HTTP – You can define HTTP extension based filtering schemes for blocking
ActiveX
Java Archive
Java Applets
Microsoft Archives
URLs based on file extensions.
Java Archive
Java Applets
Microsoft Archives
URLs based on file extensions.
FTP – allows you to define and enforce the file transfer policy for the site or group of users
SMTP – allows you to filter operations such as VRFY, EXPN, etc. which reveal excess information
SMTP – allows you to filter operations such as VRFY, EXPN, etc. which reveal excess information
about the recipient.
RPC – allows you to filter programs based on the assigned RPC program numbers.