Draytek 2800 Series Network Router User Manual


 
Vigor2800 Series User’s Guide
53
IP spoofing. A Land attack occurs when an attacker sends spoofed
SYN packets with the identical source and destination addresses, as
well as the port number to victims.
Block Unknown
Protocol
Check the box to activate the Block Unknown Protocol function.
Individual IP packet has a protocol field in the datagram header to
indicate the protocol type running over the upper layer. However,
the protocol types greater than 100 are reserved and undefined at
this time. Therefore, the router should have ability to detect and
reject this kind of packets.
Warning Messages We provide Syslog function for user to retrieve message from Vigor
router. The user, as a Syslog Server, shall receive the report sending
from Vigor router which is a Syslog Client.
All the warning messages related to DoS defense will be sent to user
and user can review it through Syslog daemon. Look for the
keyword DoS in the message, followed by a name to indicate what
kind of attacks is detected.
3
3
.
.
4
4
.
.
7
7
U
U
R
R
L
L
C
C
o
o
n
n
t
t
e
e
n
n
t
t
F
F
i
i
l
l
t
t
e
e
r
r
Based on the list of user defined keywords, the URL Content Filter facility in Vigor router
inspects the URL string in every outgoing HTTP request. No matter the URL string is found
full or partial matched with a keyword, the Vigor router will block the associated HTTP
connection.
For example, if you add key words such as “sex”, Vigor router will limit web access to web
sites or web pages such as “www.sex.com”, ”www.backdoor.net/images/sex/p_386.html”.
Or you may simply specify the full or partial URL such as “www.sex.com” or “sex.com”.
Also the Vigor router will discard any request that tries to retrieve the malicious code.
Click Firewall and click URL Content Filter to open the setup page.