62
Version 1.0
attackers if the ISN (Initial Sequence Number) is generated randomly. Forged packets
with valid sequence numbers can be used to gain trust from the receiving host.
Attackers can then gain access to the compromised system. Note that this attack
affects only the TCP packets originated or terminated at the Internet Security Router.
Sequence Number Out of Range Check:
Protect against TCP out of range
sequence number attacks. An attacker can send a TCP packet to cause an intrusion
detection system (IDS) to become unsynchronized with the data in a connection.
Subsequent frames sent in that connection may then be ignored by the IDS. This may
indicate an unsuccessful attempt to hijack a TCP session.
ICMP Verbose:
Check or un-check this option to enable or disable protection against
ICMP error message attacks. ICMP messages can be used to fold your network with
undesired traffic.
Max IP Fragment Count:
Enter the maximum number of fragments the Firewall
should allow for every IP packet. This option is required if your connection to the ISP is
through PPPoE. This data is used during transmission or reception of IP fragments.
When large sized packets are sent via 3.5G plus WLAN Mobile Server Router, the
packets are chopped into fragments as large as MTU (Maximum Transmission Unit).
By default, this number is set to 45. If MTU of the interface is 1500(default for
Ethernet), then there can be a maximum of 45 fragments per IP packet. If the MTU is
less, then there can be more number of fragments and this number should be
increased.
Minimum IP Fragment Size:
Enter the Minimum size of IP fragments to be allowed
through Firewall. This limit will not be enforced on the last fragment of the packet. If
the Internet traffic is such that it generates many small sized fragments, this value can
be decreased. This can be found if there are lots of packet losses, degradation in
speed and if the flowing log message is generated very often: “fragment of size less
than configured minimum fragment size detected”.
5. Apply & Cancel
Click on
Apply
button to continue. Click on
Cancel
button to clear the settings on this
page.
6. DoS Attacks Blocking List
The list shows all the DoS attacks blocking items.
Summary of Contents for 3GWIFIMRD
Page 1: ...Version 1 0 1 3GWIFIMRD 3 5G plus WLAN Desktop Server Router User Manual ...
Page 18: ...Version 1 0 18 If it can t work it will show Request timed out ...
Page 209: ...209 Version 1 0 ...
Page 212: ...212 Version 1 0 Step 9 Your hostname has been created when you see the following page ...