User manual

Reference: Configuration options
Click the link to choose whether or not fragmented ICMP packets are rejected.
TCP port scan
With this rule you can define when a TCP port scan is assumed by the Firewall and what
should be done in this case. This rule serves to prevent so-called TCP port scan
attacks, which result in the detection of open TCP ports on your computer. This kind of
attack is used to search a computer for weak spots and is often followed by more
dangerous attack types.
Predefined rules for the TCP port scan
Setting: Low
Assume a TCP port scan if 50 or more ports were scanned in 5,000 milliseconds. When detected, log attacker's IP and don't add rule to block the attack.
Setting: Medium
Assume a TCP port scan if 50 or more ports were scanned in 5,000 milliseconds. When detected, log attacker's IP and add rule to block the attack.
Setting: High
Same rule as for medium level.
Ports
Click the link to open a dialog box in which you can enter the number of ports that
must have been scanned for a TCP port scan to be assumed.
Port scan time window
Click this link to open a dialog box in which you can enter the time span within which
that number of ports must have been scanned for a TCP port scan to be assumed.
Report file
Click the link to choose whether or not to log the attacker's IP address.
Rule
Click the link to choose whether or not to add the rule that blocks the TCP port scan
attack.
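The threshold logic these settings describe can be sketched as a sliding-window counter. This is an added example, not the Firewall's own code; the class and function names, the counting of distinct destination ports per source address, and the sample traffic are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

# Assumed mapping of the Low/Medium/High presets described above:
# all use 50 ports in 5,000 ms and log the IP; only Low omits the block rule.
PRESETS = {
    "low": dict(add_block_rule=False),
    "medium": dict(add_block_rule=True),
    "high": dict(add_block_rule=True),  # "Same rule as for medium level."
}

class PortScanDetector:
    """Flags a source that touches `ports` distinct ports within `window_ms`."""

    def __init__(self, ports=50, window_ms=5000, log=True, add_block_rule=True):
        self.ports, self.window_ms = ports, window_ms
        self.log, self.add_block_rule = log, add_block_rule
        self.recent = defaultdict(deque)  # src -> deque of (ts_ms, dport)
        self.logged = []                  # stands in for the report file
        self.blocked = set()              # stands in for the added block rule

    def observe(self, ts_ms, src, dport):
        """Feed one inbound attempt; return True when it completes a scan."""
        if src in self.blocked:
            return False                  # traffic already dropped by the rule
        q = self.recent[src]
        q.append((ts_ms, dport))
        while q and ts_ms - q[0][0] > self.window_ms:
            q.popleft()                   # expire attempts outside the window
        if len({port for _, port in q}) < self.ports:
            return False
        if self.log and src not in self.logged:
            self.logged.append(src)
        if self.add_block_rule:
            self.blocked.add(src)
        q.clear()                         # avoid re-alerting on every packet
        return True

def constructed_events():
    """Constructed sample traffic: (timestamp in ms, source IP, destination port)."""
    scan = [(i * 40, "203.0.113.7", 1 + i) for i in range(60)]
    # A busy client reusing three ports: many attempts, few distinct ports.
    busy = [(i * 40, "198.51.100.9", (80, 443, 8080)[i % 3]) for i in range(60)]
    return sorted(scan + busy)

def replay(level):
    """Run the constructed traffic through one preset; return detector and alerts."""
    det = PortScanDetector(**PRESETS[level])
    alerts = [(ts, src) for ts, src, port in constructed_events()
              if det.observe(ts, src, port)]
    return det, alerts
```

Replaying the same traffic with "low" and "medium" shows the only difference between the two presets: both record the source address, but only "medium" leaves it in the blocked set.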
UDP port scan
With this rule you can define when a UDP port scan is assumed by the Firewall and what
should be done in this case. This rule prevents so-called UDP port scan attacks, which
result in a detection of open UDP ports on your computer. This kind of attack is used to
search a computer for weak spots and is often followed by more dangerous attack types.
Predefined rules for the UDP port scan
Setting: Low
Assume a UDP port scan if 50 or more ports were scanned in 5,000
Setting: Medium
Assume a UDP port scan if 50 or more ports were scanned in 5,000
Setting: High
Same rule as for medium level.