Operation Manual
Protect Your Network
6-16
Enable ICMP flood
defense
Click the checkbox to activate the ICMP flood defense
function. Similar to the UDP flood defense function,
the router will discard the ICMP echo requests coming
from the Internet, once they exceed the user-defined
threshold (by default, 300 packets per second) in a
period of time (by default, 10 second for timeout).
Enable Port Scan
detection
Port scan attacks occur by sending packets with
different port numbers in an attempt to scanning the
available services that one port will respond. To
examine such exploration behavior, please click the
checkbox to activate the Port Scan detection function in
your Vigor router. The Vigor router will identify it and
report a warning message if the port-scanning rate in
packets per second exceeds the user-defined threshold
value. By default, the Vigor router sets the threshold as
300 packets per second to detect such a scanning
activity.
Enable Block IP
options
Click it to activate the Block IP options function. The
Vigor router will ignore any IP packets with IP option
field appeared in the datagram header. The IP option
provides a way for hosts to send some significant
information, such as security, compartmentation, TCC
(closed user group) parameters, a series of Internet
addresses, routing messages...etc., which an outsider
can analyze to learn details about your private
networks.