Manualshelf

User manual

ManualsBrandsAIPTEK ManualsComputer equipmentPocketCam 1.3M Smart
61626364656667686970
61 Version 1.0
1. Firewall Protection Level: Select the level from the drop-down list, including High,
Medium and Low. The below screen including SPI service and ICMP setting will
change according to your level setup.
2. Enable SPI Service: MT4205 often monitor a wider range of activity, such as patterns
of traffic and the type of application sending traffic. With SPI, the router looks at
individual packets for patterns similar to known hacker techniques, such as Denial of
Service (DoS) attacks, Ping of Death (illegal ping packet sizes or excessive ICMP
messages), SYN Flood, LAND Attack, and IP Spoofing. Enable it if you need.
3. Blocking ICMP Ping from WAN side: The purpose of ICMP is to provide feedback
regarding the network and datagram, it is not to make IP a reliable transport
mechanism. ICMP messages use a basic IP datagram header with the IP data being
the ICMP message. The IP source address is that of the host or gateway sending the
ICMP message with the destination IP address being that of the original source IP
address. You can enable ICMP Ping from WAN side or not.
4. DoS Attacks Blocking Settings
Enable DoS Attacks Blocking: The following sections will explain in more detail
about DoS Defense setup by using the web configuration. There are a total 8 kinds of
defense function for the DoS Defense Setup. By default, the DoS Defense
functionality is disabled. Further, once the DoS Defense functionality is enabled, the
default values for the threshold and timeout values existing in some functions are set
to 300 packets per second and 10 seconds, respectively. A brief description for each
item in the DoS defense function is shown below.
SYN Flooding: Check or uncheck this option to enable or disable protection against
SYN Flood attacks. This attack involves sending connection requests to a server, but
never fully completing the connections. This will cause some computers to get into a
―suck state where they cannot accept connections from legitimate users. (―SYN‖ is
short for SYNchronize‖; this is the first step in opening an Internet connection). You
can select this box if you wish to protect the network from TCP SYN flooding.
WinNuke: Check or un-check this option to enable or disable protection against
WinNuke attacks. Some older versions of the Microsoft Windows OS are vulnerable to
this attack. If the computers in the LAN are not updated with recent versions/patches,
you are advised to enable this protection by checking this check box.
MIME Flood: Check or un-check this option to enable or disable protection against
MIME attacks. You can select this box to protect the mail server in your network
against MIME flooding.
FTP Bounce: Check or un-check this option to enable or disable protection against
FTP bounce attack. In its simplest terms, the attack is based on the misuse of the
PORT command in the FTP protocol. An attacker can establish a connection between