Security settings
87
“telling” the router which way it needs the firewall configured. The router ships with the UPnP
feature disabled. If you are using any applications that are UPnP compliant and want to take
advantage of UPnP, you can enable the feature. Select
Enable UPnP
in the UPnP section, and
then click
Save
to save the change.
Remote Administration
Remote administration allows you to make changes to your router’s settings from anywhere on
the Internet. To remotely manage the router, the remote user must type the following into their
browser: http://<router WAN IP address>:8000 or 8001 if using HTTPS (unless the default
port has been changed).
Note
Before you enable this function, make sure you have set the administrator password.
DoS
The router is equipped with a firewall that protects your network from a wide array of common
Denial of Service (DoS) attacks. A DoS attack is an attempt by a hacker to disrupt the normal
functioning of a target server, making it unavailable to users. A Distributed DoS (DDoS) attack
is a coordinated DoS attack from multiple source machines that flood a target server with
disruptive traffic until it fails. Turning off the DDoS Attack Filter does not leave your network
completely vulnerable to hacker attacks. HP recommends that you enable the DoS detecting
function whenever possible.
Note
When a DoS attack is detected, an alert symbol ( ) displays on the
Security
line of the
System
>
Status
page (also the router’s Alert LED flashes until an attack ends). If you open
the
Security
section, an alert message next to
DOS
indicates the security violation. Click
Alert
to view the log details on the
System
>
Log
page. Click
Clear
to remove the alert
message from the status page.
•
IP Spoofing
: Prevents a hacker from creating an alias (spoof) of the unit’s IP address to
which all traffic is redirected.
•
Ping of Death
: Prevents the receival of an oversized ping packet that the unit cannot
handle. Normal ping packets are 56 bytes, or 84 bytes with the IP header attached. The
Ping of Death will exceed the maximum IP packet size of 65,535 bytes.
•
IP with zero length
: Prevents received IP packets with zero data length from causing the
router system to crash.
•
Smurf Attack
: Prevents a hacker from forging the IP address of the unit and sending
repeated ping requests to it flooding the network.
•
UDP port loopback
: Prevents UDP ports 7 (echo) and 19 (chargen) being used to send
data to each other causing an infinite loop that leads to a loss of performance and high
consumption of network bandwidth.
•
Snork Attack
: Prevents attacks on Windows computers that send UDP packets with a
source port of 7 (echo) or 19 (chargen) to destination port 135, causing unnecessary
system activity that can significantly slow performance or crash the system.
•
Syn flooding
: Prevents a synchronized (SYN) attack in which the process of the common
three way TCP handshake is interrupted and the acknowledge response gets sent to a
malicious IP address, or the system is flooded with false SYN requests.
Содержание PS110
Страница 6: ...6 ...
Страница 10: ...10 Deploying the HP PS110 ...
Страница 32: ...32 Managing the HP PS110 system ...
Страница 48: ...48 LAN configuration ...
Страница 76: ...76 VPN configuration ...
Страница 84: ...84 Routing configuration ...
Страница 94: ...94 Firewall configuration ...
Страница 126: ...126 Tools ...
Страница 130: ...130 ...