NetComm NB504 Network Router User Manual


 
NB504 User Guide YML864Rev1
62 www.netcomm.com.au
5.8.6 Advanced Security
Using Advanced Security page (shown in figure 5-40), you can protect the router from being attacked by TCP-
SYN Flood, UDP Flood and ICMP-Flood from LAN.
Figure 5-40 Advanced Security settings
Packets Statistic interval (5 ~ 60) - The default value is 10. Select a value between 5 and 60 seconds
in the pull-down list. The Packets Statistic interval value indicates the time section of the packets
statistic. The result of the statistic used for analysis by SYN Flood, UDP Flood and ICMP-Flood.
DoS protection - Enable or Disable the DoS protection function. Only when it is enabled, will the flood
filters be effective.
Enable ICMP-FLOOD Attack Filtering - Enable or Disable the ICMP-FLOOD Attack Filtering.
ICMP-FLOOD Packets threshold: (5 ~ 3600) - The default value is 50. Enter a value between 5 ~ 3600
packets. When the current ICMP-FLOOD Packets numbers is beyond the set value, the router will start up
the blocking function immediately.
Enable UDP-FLOOD Filtering - Enable or Disable the UDP-FLOOD Filtering.
UDP-FLOOD Packets threshold: (5 ~ 3600) - The default value is 500. Enter a value between 5 ~ 3600
packets. When the current UPD-FLOOD Packets numbers is beyond the set value, the router will start up
the blocking function immediately.
Enable TCP-SYN-FLOOD Attack Filtering - Enable or Disable the TCP-SYN- FLOOD Attack Filtering.
TCP-SYN-FLOOD Packets threshold: (5 ~ 3600) - The default value is 50. Enter a value between 5 ~
3600 packets. When the current TCP-SYN-FLOOD Packets numbers is beyond the set value, the router
will start up the blocking function immediately.
Ignore Ping Packet from WAN Port - Enable or Disable ignore ping packet from WAN port. The default is
disabled. If enabled, the ping packet from the Internet cannot access the router.
Note: Please enable Current Statistics Status in System Tools > Statistics page to use the DOS Protection, refer to Chapter 5.11.8