Chapter 6
Security
RUGGEDCOM ROX II
CLI User Guide
186
Protecting Against a SYN Flood Attack
Port forwarding can also remap port numbers. The second host may also need to answer HTTP requests. As
connections to port 80 are directed to the first host, another port number (such as 8080) can be dedicated to the
second host. As requests arrive at the gateway for port 8080, the gateway remaps the port number to 80 and
forwards the request to the second host.
Port forwarding also takes the source address into account. Another way to solve the above problem could be
to dedicate two hosts 200.0.0.1 and 200.0.0.2 and have the NAT gateway forward requests on port 80 from
200.0.0.1 to 192.168.1.10 and from 200.0.0.2 to 192.168.1.20.
Section 6.9.1.5
Protecting Against a SYN Flood Attack
RUGGEDCOM ROX II responds to SYN packets according to the TCP standard by replying with a SYN-ACK packet for
open ports and an RST packet for closed ports. If the device is flooded by a high frequency of SYN packets, the port
being flooded may become unresponsive.
To prevent SYN flood attacks on closed ports, set the firewall to block all traffic to closed ports. This prevents SYN
packets from reaching the kernel.
Siemens also recommends setting the listen ports to include IP addresses on separate interfaces. For example, set
the device to listen to an IP address on switch.0001 and fe-cm-1. This will make sure that one port is accessible if
the other is flooded.
Section 6.9.1.6
Protecting Against IP Spoofing
IP spoofing is a technique where IP packets are created with a false source IP address, with the intent of concealing
the identity of the sender or impersonating a trusted host. As a result, unauthorized users can gain access to a
network.
In RUGGEDCOM ROX II, IP spoofing can be prevented by enabling the routefilter and logmartians options for the
firewall interface.
For information about enabling routefilter and logmartians, refer to .
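To show what routefilter (reverse-path filtering) and logmartians do on a firewall interface, the following Python model is added here; it is not ROX II code. The routing table and sample packets are constructed, and the interface names switch.0001 and fe-cm-1 are borrowed from the SYN flood section above.

```python
import ipaddress

# Constructed routing table for a gateway with a LAN interface (switch.0001)
# and an upstream link (fe-cm-1). Addresses are illustrative only.
ROUTES = [
    (ipaddress.ip_network("192.168.1.0/24"), "switch.0001"),
    (ipaddress.ip_network("200.0.0.0/24"), "fe-cm-1"),
    (ipaddress.ip_network("0.0.0.0/0"), "fe-cm-1"),  # default route
]

def egress_interface(dst):
    """Longest-prefix match: the interface the gateway would use to reach dst."""
    dst = ipaddress.ip_address(dst)
    best = None
    for net, ifname in ROUTES:
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, ifname)
    return best[1] if best else None

def reverse_path_check(src, ingress_if, log_martians=True):
    """Strict reverse-path filtering, the mechanism behind routefilter.

    A packet is accepted only if the interface the gateway would use to reply
    to its source address is the interface it arrived on. Otherwise it is
    dropped and, when logging is enabled (logmartians), a message is recorded.
    Returns (accepted, log_line_or_None)."""
    expected = egress_interface(src)
    if expected == ingress_if:
        return True, None
    msg = None
    if log_martians:
        msg = f"martian source {src} from {ingress_if}, expected via {expected}"
    return False, msg

def filter_packets(packets):
    """Apply the check to (src, ingress_if) tuples; return accepted packets and logs."""
    accepted, logs = [], []
    for src, ifname in packets:
        ok, log = reverse_path_check(src, ifname)
        if ok:
            accepted.append((src, ifname))
        elif log:
            logs.append(log)
    return accepted, logs

# Constructed sample traffic: the last two packets carry a source address that
# does not belong on the arriving interface, which is what a spoofed source looks like.
SAMPLE = [
    ("192.168.1.10", "switch.0001"),   # LAN host on the LAN side: accepted
    ("200.0.0.1", "fe-cm-1"),          # upstream address on the upstream side: accepted
    ("192.168.1.10", "fe-cm-1"),       # LAN address arriving from upstream: dropped, logged
    ("203.0.113.5", "switch.0001"),    # external address arriving from the LAN: dropped, logged
]
```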
Section 6.9.2
Viewing a List of Firewalls
To view a list of firewalls, type:
    show running-config security firewall fwconfig
If firewalls have been configured, a table or list similar to the following example appears:
    ruggedcom# show running-config security firewall fwconfig
    security
     firewall
      fwconfig firewall1
      !
      fwconfig firewall2
      !
     !
    !