Vigor130 Series User’s Guide
72
S
S
t
t
a
a
t
t
e
e
f
f
u
u
l
l
P
P
a
a
c
c
k
k
e
e
t
t
I
I
n
n
s
s
p
p
e
e
c
c
t
t
i
i
o
o
n
n
(
(
S
S
P
P
I
I
)
)
Stateful inspection is a firewall architecture that works at the network layer. Unlike legacy
static packet filtering, which examines a packet based on the information in its header,
stateful inspection builds up a state machine to track each connection traversing all interfaces
of the firewall and makes sure they are valid. The stateful firewall of Vigor modem not just
examine the header information also monitor the state of the connection.
D
D
e
e
n
n
i
i
a
a
l
l
o
o
f
f
S
S
e
e
r
r
v
v
i
i
c
c
e
e
(
(
D
D
o
o
S
S
)
)
D
D
e
e
f
f
e
e
n
n
s
s
e
e
The
DoS Defense
functionality helps you to detect and mitigate the DoS attack. The attacks
are usually categorized into two types, the flooding-type attacks and the vulnerability attacks.
The flooding-type attacks will attempt to exhaust all your system's resource while the
vulnerability attacks will try to paralyze the system by offending the vulnerabilities of the
protocol or operation system.
The
DoS Defense
function enables the Vigor modem to inspect every incoming packet based
on the attack signature database. Any malicious packet that might duplicate itself to paralyze
the host in the secure LAN will be strictly blocked and a Syslog message will be sent as
warning, if you set up Syslog server.
Also the Vigor modem monitors the traffic. Any abnormal traffic flow violating the
pre-defined parameter, such as the number of thresholds, is identified as an attack and the
Vigor modem will activate its defense mechanism to mitigate in a real-time manner.
The below shows the attack types that DoS/DDoS defense function can detect:
1. SYN flood attack
2. UDP flood attack
3. ICMP flood attack
4. Port Scan attack
5. IP options
6. Land attack
7. Smurf attack
8. Trace route
9. SYN fragment
10. Fraggle attack
11. TCP flag scan
12. Tear drop attack
13. Ping of Death attack
14. ICMP fragment
15. Unknown protocol
Below shows the menu items for Firewall.
Summary of Contents for Vigor130
Page 1: ...Vigor130 Series User s Guide i ...
Page 10: ......
Page 36: ...Vigor130 Series User s Guide 26 This page is left blank ...
Page 51: ...Vigor130 Series User s Guide 41 ...
Page 96: ...Vigor130 Series User s Guide 86 ...
Page 156: ...Vigor130 Series User s Guide 146 This page is left blank ...
Page 159: ...Vigor130 Series User s Guide 149 ...
Page 160: ...Vigor130 Series User s Guide 150 This page is left blank ...
Page 168: ...Vigor130 Series User s Guide 158 This page is left blank ...