User manual
Version 1.0
the FTP server machine and an arbitrary port on another system. This connection may
be used to bypass access controls that would otherwise apply.
IP Unaligned Time-Stamp: Check or un-check this option to enable or disable
protection against the unaligned IP timestamp attack. Certain operating systems will
crash if they receive a frame with an IP timestamp option that isn't aligned on a 32-bit
boundary.
Sequence Number Prediction Check: For TCP packets, the sequence number is used
to guard against accidental receipt of unintended data and against malicious use by
attackers, provided the ISN (Initial Sequence Number) is generated randomly. Forged packets
with valid sequence numbers can be used to gain trust from the receiving host.
Attackers can then gain access to the compromised system. Note that this attack
affects only TCP packets originated or terminated at the Internet Security Router.
Sequence Number Out of Range Check: Protects against TCP out-of-range
sequence number attacks. An attacker can send a TCP packet to cause an intrusion
detection system (IDS) to become unsynchronized with the data in a connection.
Subsequent frames sent in that connection may then be ignored by the IDS. This may
indicate an unsuccessful attempt to hijack a TCP session.
ICMP Verbose: Check or un-check this option to enable or disable protection against
ICMP error message attacks. ICMP messages can be used to flood your network with
undesired traffic.
Max IP Fragment Count: Enter the maximum number of fragments the Firewall
should allow for every IP packet. This option is required if your connection to the ISP is
through PPPoE. This data is used during transmission or reception of IP fragments.
When large packets are sent via MT4205, the packets are split into
fragments as large as the MTU (Maximum Transmission Unit). By default, this number is
set to 45. If the MTU of the interface is 1500 (the default for Ethernet), then there can be a
maximum of 45 fragments per IP packet. If the MTU is smaller, then there can be
more fragments and this number should be increased.
Minimum IP Fragment Size: Enter the minimum size of IP fragments to be allowed
through the Firewall. This limit will not be enforced on the last fragment of the packet. If
the Internet traffic is such that it generates many small fragments, this value can
be decreased. This is the case if there is a lot of packet loss, degradation in
speed, and the following log message is generated very often: "fragment of size less
than configured minimum fragment size detected".
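The Max IP Fragment Count and Minimum IP Fragment Size limits described above, worked through as an added Python example (not the router's firmware and not code from this manual): it computes how many fragments a maximum-size IPv4 packet needs at a given MTU and applies both limits to the fragments of one packet. The 20-byte header without options, the function names and the 256-byte minimum are assumptions chosen for illustration.

```python
IP_HEADER_LEN = 20      # assumption: IPv4 header without options
MAX_IP_PACKET = 65535   # largest IPv4 total length


def split(total_len, mtu):
    """Split one IP packet into (data_size, more_fragments) tuples for a link MTU."""
    payload = total_len - IP_HEADER_LEN
    # Every fragment except the last carries a multiple of 8 data bytes.
    per_fragment = (mtu - IP_HEADER_LEN) // 8 * 8
    fragments = []
    while payload > 0:
        size = min(per_fragment, payload)
        payload -= size
        fragments.append((size, payload > 0))
    return fragments


def fragments_needed(mtu, total_len=MAX_IP_PACKET):
    """Number of fragments a packet of total_len needs at this MTU."""
    return len(split(total_len, mtu))


def check_fragments(fragments, max_count, min_size):
    """Apply both limits to one packet; returns reasons to drop (empty = pass)."""
    reasons = []
    if len(fragments) > max_count:
        reasons.append(f"fragment count {len(fragments)} exceeds maximum {max_count}")
    for index, (size, more_fragments) in enumerate(fragments):
        # The minimum size is not enforced on the last fragment.
        if more_fragments and size < min_size:
            reasons.append(f"fragment {index} of size {size} is less than minimum {min_size}")
    return reasons


if __name__ == "__main__":
    MIN_SIZE = 256  # hypothetical setting, not a default from the manual
    for mtu in (1500, 1492, 576):
        print(f"MTU {mtu}: {fragments_needed(mtu)} fragments for a 65535-byte packet")
    # Constructed sample: a full-size packet over a 576-byte MTU against the default of 45.
    print(check_fragments(split(MAX_IP_PACKET, 576), 45, MIN_SIZE))
    # Constructed sample: two tiny leading fragments followed by a normal last fragment.
    print(check_fragments([(8, True), (8, True), (1200, False)], 45, MIN_SIZE))
```

At an MTU of 1500 the count comes out at the default of 45, while a 576-byte MTU needs 119 fragments for the same packet, which is the case where the limit has to be raised.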
5. Apply & Cancel
Click the Apply button to continue. Click the Cancel button to clear the settings on this
page.
6. DoS Attacks Blocking List