Справочник Пользователя для ASUS rx3041h
Chapter 9. Configuring Firewall/NAT Settings
RX3041H User’s Manual
66
4. Click on the
button to modify this service. The new settings for this service will then be
displayed in the service list table at the bottom half of the Service configuration page.
9.7.2.4 Delete
a
Service
To delete a service, follow the instructions below:
1. Open the Service List configuration page by clicking the Firewall
Î Advanced Î Service.
2. Select the service from the service drop-down list or click on the
icon of the service to be
modified in the service list table.
3. Click on the
button to delete this service. Note that the service deleted will be removed
from the service list table located at the bottom half of the same configuration page.
9.7.2.5 View
Configured
Services
To see a list of existing services, follow the instructions below:
1. Open the Service List configuration page by clicking the Firewall
Î Advanced Î Service.
2. The service list table located at the bottom half of the Service configuration page shows all the
configured services.
9.7.3
Configuring DoS Settings
The RX3041H has a proprietary Attack Defense Engine that protects internal networks from Denial of Service
(DoS) attacks such as SYN flooding, IP smurfing, LAND, Ping of Death and all re-assembly attacks. It can
drop ICMP redirects and IP loose/strict source routing packets. For example, a security device with the
RX3041H Firewall provides protection from “WinNuke”, a widely used program to remotely crash unprotected
Windows systems in the Internet. The RX3041H Firewall also provides protection from a variety of common
Internet attacks such as IP Spoofing, Ping of Death, Land Attack, Reassembly and SYN flooding. For a
complete list of DoS protection provided by the RX3041H, please see Table 2.3.
(DoS) attacks such as SYN flooding, IP smurfing, LAND, Ping of Death and all re-assembly attacks. It can
drop ICMP redirects and IP loose/strict source routing packets. For example, a security device with the
RX3041H Firewall provides protection from “WinNuke”, a widely used program to remotely crash unprotected
Windows systems in the Internet. The RX3041H Firewall also provides protection from a variety of common
Internet attacks such as IP Spoofing, Ping of Death, Land Attack, Reassembly and SYN flooding. For a
complete list of DoS protection provided by the RX3041H, please see Table 2.3.
9.7.3.1
DoS Protection Configuration Parameters
Table 9.5 describes the configuration parameters available for DoS Protection.
Table 9.5. DoS Protection Configuration Parameters
Field
Description
SYN Flooding
Check or un-check this option to enable or disable protection against SYN
Flood attacks. This attack involves sending connection requests to a server,
but never fully completing the connections. This will cause some computers
to get into a "stuck state" where they cannot accept connections from
legitimate users. ("SYN" is short for "SYNchronize"; this is the first step in
opening an Internet connection). You can select this box if you wish to
protect the network from TCP SYN flooding. By default, SYN Flood
protection is enabled.
Flood attacks. This attack involves sending connection requests to a server,
but never fully completing the connections. This will cause some computers
to get into a "stuck state" where they cannot accept connections from
legitimate users. ("SYN" is short for "SYNchronize"; this is the first step in
opening an Internet connection). You can select this box if you wish to
protect the network from TCP SYN flooding. By default, SYN Flood
protection is enabled.
Winnuke
Check or un-check this option to enable or disable protection against
Winnuke attacks. Some older versions of the Microsoft Windows OS are
vulnerable to this attack. If the computers in the LAN are not updated with
recent versions/patches, you are advised to enable this protection by
checking this check box.
Winnuke attacks. Some older versions of the Microsoft Windows OS are
vulnerable to this attack. If the computers in the LAN are not updated with
recent versions/patches, you are advised to enable this protection by
checking this check box.
MIME Flood
Check or un-check this option to enable or disable protection against MIME
attacks. You can select this box to protect the mail server in your network
against MIME flooding.
attacks. You can select this box to protect the mail server in your network
against MIME flooding.
FTP Bounce
Check or un-check this option to enable or disable protection against FTP
bounce attack In its simplest terms the attack is based on the misuse of the
bounce attack In its simplest terms the attack is based on the misuse of the