BROWAN COMMUNICATIONS
Page 128
Firewall | SPI
The Router inspects packets at the application layer, and
maintains TCP and UDP session information, including
timeouts and the number of active sessions. The Router
also provides the ability to detect and prevent certain types
of network attacks such as DOS attacks. Network attacks
that deny access to a network device are called
denial-of-service (DOS) attacks. Denials of Service (DOS)
attacks are aimed at devices and networks with a
connection to the Internet. The goal is not to steal
information, but to disable a device or network so users no
longer have access to network resources.
By using above inspected information and
timeout/threshold criteria, the Router provide following DOS
attacks prevention: Ping of Death (Ping flood) attack, SYN
flood attack, IP fragment attack (Teardrop Attack), Land
Attack, IP Spoofing attack, IP with zero length, TCP null
scan (Port Scan Attach), UDP port loopback, Stork Attack
etc.
Summary of Contents for BW1230
Page 1: ......
Page 164: ...BROWAN COMMUNICATIONS Page 165 ...