VG211R User Manual
4.6.4. Intrusion Detection
When the SPI (Stateful Packet Inspection) firewall feature is enabled, all packets can be
blocked. Stateful Packet Inspection (SPI) allows full support of different application types that are using
dynamic port numbers. For the applications checked in the list below, the product will support full
operation as initiated from the local LAN.
The product’s firewall can block common hacker attacks, including IP Spoofing, IP with zero length, IP
With Option, Too Short ICMP, Too Short TCP, Too Short UDP, Tiny Fragment Attack, NewTear
Attack, Smurf Attack, Land Attack, Ping of Death, UDP Loop Attack, Tear Drop Attack, Snork Attack,
Winnuke Attack, Bonk Attack, ASCEND Probe Attack, Boink Attack, SYN Drop Attack, Empty
Fragment Attack, Oshare Attack, TCP null scan, TCP Xmas scan, RIP defect, ICMP defect, TCP SYN
flood, UDP flood
及
Fragmentation Flood
。
Intrusion Detection Features:
SPI and Anti-DoS Firewall
Protection
Activate SPI and Anti-DoS
protection
RIP Defect
Reject the RIP packets from WAN
Discard PING from WAN
Reject all the PING request to the
WAN port
When hacker tries to attack, VG211R can send e-mail alert to the specified user. Enter related e-mail
information such as e-mail address and SMTP server. Some e-mail service providers require user to
enter POP3 information when trying to send e-mail. In this case, enter the POP3 server, user name and
password; otherwise, you don’t need to enter POP3 related information.
21
