Filter
Top Products
DSL-G804V Wireless ADSL Router User’s Guide
The router’s Intrusion Detection System (IDS) is used to detect hacker attacks and intrusion attempts from the
Internet. If the IDS function of the firewall is enabled, inbound packets are filtered and blocked depending on
whether they are detected as possible hacker attacks, intrusion attempts or other connections that the router
determines to be suspicious.
Figure 4-7. Firewall – Intrusion Detection
Parameter Description
Intrusion Detection
Disable or activate this function.
Victim Protection
Block Duration
(seconds)
This is the duration for blocking Smurf attacks.
Scan Attack Block
Duration (seconds)
This is the duration for blocking hosts that attempt a possible Scan attack.
Scan attack types include X’mas scan, IMAP SYN/FIN scan and similar
attempts
DOS Attack Block
Duration (seconds)
This is the duration for blocking hosts that attempt a possible Denial of Service
(DoS) attack. Possible DoS attacks this attempts to block include Ascend Kill
and WinNuke.
Maximum TCP
Open Handshaking
Count (per second))
This is a threshold value to decide whether a SYN Flood attempt is occurring
or not.
Maximum Ping
Count (per second)
This is a threshold value to decide whether an ICMP Echo Storm is occurring
or not.
Maximum ICMP
Count (per second)
This is a threshold to decide whether an ICMP flood is occurring or not.
Clear Blocklist
If the router detects a possible attack, the source IP or destination IP address
will be added to the Blacklist. Any further attempts using this IP address will be
blocked for the time period specified as the Block Duration. Click it to remove
the detected IP addresses from the blocklist.
44