NETGEAR FVS318N Modem User Manual


 
Firewall Protection
167
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
IPv4 Attack Checks
To enable IPv4 attack checks for your network environment:
1. Select Se
curity > Firewall > Attack Checks. In the upper right of the screen, the IPv4
radio button is selected by default. The Attack Checks screen displays the IPv4 settings:
Figure 88.
2. Enter the settings as explained in the following table:
Table 35. Attack Checks screen settings for IPv4
Setting Description
WAN Security Checks
Respond to Ping on
Internet Ports
Select the Respond to Ping on Internet Ports check box to enable the wireless
VPN firewall to respond to a ping from the Internet to its IPv4 address. A ping can be
used as a diagnostic tool. Keep this check box cleared unless you have a specific
reason to enable the wireless VPN firewall to respond to a ping from the Internet.
Enable Stealth Mode Select the Enable Stealth Mode check box (which is the default setting) to prevent
the wireless VPN firewall from responding to port scans from the WAN, thus making
it less susceptible to discovery and attacks.
Block TCP flood Select the Block TCP flood check box (which is the default setting) to enable the
wireless VPN firewall to drop all invalid TCP packets and to protect the wireless VPN
firewall from a SYN flood attack.
A SYN flood is a form of denial of service attack in which an attacker sends a
succession of SYN (synchronize) requests to a target system. When the system
responds, the attacker does not complete the connections, thus leaving the
connection half open and flooding the server with SYN messages. No legitimate
connections can then be made.