Chapter 6 – RouteFinder Software
Multi-Tech Systems, Inc. RouteFinderVPN RF760/660/600VPN User Guide (PN S000323D)
51
Administration > Intruder Detection
Administration > Intrusion Detection
The Intrusion Detection mechanism notifies the administrator if there has been any tampering with the files on the server.
Intrusion Detection
Enable File Integrity Check
–
Check the box to enable File Integrity Checking.
Time Interval –
Select the amount of time you would like the system to conduct this check. Options are every 5
Minutes, Hourly, or Daily. Then click the
Save
button.
Network Intrusion Detection
This allows the user to detect attacks on the network. In the event that port scans are carried out by hackers
who look for a secure network with weak spots. When this feature is enabled, it informs the administrator by
email as soon as the attack has been logged. The administrator can decide what actions are to be taken. By
default, DOS attack, minimum fragmentation checks, port scans, DNS attacks, bad packets, overflows, chat
accesses, Web attacks will be detected; and then the administrator is informed. Apart from the above, the user
can configure user-defined rules for intrusion detection.
Enable Network Intrusion Detection for LAN
–
Check the box to enable Network Intrusion Detection for the
LAN. Then click the
Save
button.
Enable Network Intrusion Detection for WAN
–
Check the box to enable Network Intrusion Detection for the
WAN. Then click the
Save
button.
Enable Network Intrusion Detection for DMZ
–
Check the box to enable Network Intrusion Detection for the
DMZ. Then click the
Save
button.
User-Defined Network Intrusion Detection Rules
SRC IP Address
This selection allows you to choose the network from which the information packet must be sent for the rule to
match. Network groups can also be selected. The ANY option matches all IP addresses; it does not matter
whether they are officially assigned addresses or private addresses. These Networks or groups must be
predefined in the Networks menu.
Destination IP Address
This selection allows you to choose the network to which the information packet must be sent for the rule to
match. Network groups can also be selected. These network clients or groups must have been previously
defined in the Networks menu.
Protocol
This selection allows you to choose the corresponding service. The service must have been previously defined
in the Services menu. Select intrusion detection rules from the following dropdown list boxes:
Add
After the rules are defined/selected, click the
Add
button. The commands can be deleted by clicking
Delete
under the Command option.