User manual
Table Of Contents
- 1 Introduction
- 2 Icons and emphases
- 3 Product information
- 4 Installation and uninstallation
- 5 Overview of AntiVir Professional
- 5.1 User interface and operation
- 5.2 How to...?
- 5.2.1 Activate license
- 5.2.2 Avira AntiVir Professional automatic update
- 5.2.3 Start a manual update
- 5.2.4 On-demand scan: Using a scan profile to scan for viruses and malware
- 5.2.5 On-demand scan: Scan for viruses and malware using Dragamp;Drop
- 5.2.6 On-demand scan: Scan for viruses and malware via the context menu
- 5.2.7 On-demand scan: Automatically scan for viruses and malware
- 5.2.8 On-demand scan: Targeted scan for active rootkits
- 5.2.9 Reacting to detected viruses and malware
- 5.2.10 Quarantine: Handling quarantined files (*.qua)
- 5.2.11 Quarantine: Restore the files in quarantine
- 5.2.12 Quarantine: move suspicious files to quarantine
- 5.2.13 Scan profile: Amend or delete file type in a scan profile
- 5.2.14 Scan profile: Create desktop shortcut for scan profile
- 5.2.15 Events: Filter events
- 5.2.16 MailGuard: Exclude email addresses from scan
- 5.2.17 Firewall: Select the security level for the Firewall
- 6 Scanner::Overview
- 7 Updates
- 8 Avira Firewall::Overview
- 9 FAQ, Tips
- 10 Viruses and more
- 11 Info and Service
- 12 Reference: Configuration options
Avira AntiVir Professional
112
50 ms.
Reject fragmented ICMP
packets.
50 ms.
Reject fragmented ICMP
packets.
Incoming blocked type: no types/several types
With a mouse click on the link a list of ICMP packet types is displayed. From this list you
can specify the desired incoming ICMP message types you want to block.
Outgoing blocked type: no types/several types
With a mouse click on the link a list of ICMP packet types is displayed. From this list you
can select the desired outgoing ICMP message types you want to block.
Flooding
With a mouse click on the link a dialog box is displayed where you can enter the
maximum allowed ICMPA delay.
Fragmented ICPM packets
With a mouse click on the link you have the choice to reject or not to reject fragmented
ICMP packets.
TCP port scan
With this rule you can define when a TCP port scan is assumed by the Firewall and what
should be done in this case. This rule serves for preventing so-called TCP port scan
attack, which results in a detection of open TCP ports on your computer. This kind of
attack is used to search a computer for weak spots and is often followed by more
dangerous attack types.
Predefined rules for the TCP port scan
Setting: Low Setting: Medium Setting: High
Assume a TCP port scan if
50 or more ports were
scanned in 5,000
milliseconds.
When detected, log
attacker's IP and don't
add rule to block the
attack.
Assume a TCP port scan if
50 or more ports were
scanned in 5,000
milliseconds.
When detected, log
attacker's IP and add rule
to block the attack.
Same rule as for medium
level.
Ports
With a mouse click on the link a dialog box appears in which you can enter the number of
ports that must have been scanned so that a TCP port scan is assumed.
Port scan time window
With a mouse click on this link a dialog box appears in which you can enter the time span
for a certain number of port scans, so that a TCP port scan is assumed.
Report file
With a mouse click on the link you have the choice to log or don't log the attacker's IP
address.
Rule