Operation Manual

ManualsBrandsDraytek ManualscomputerVigor 2133 series

281

282

283

284

285

286

287

288

289

290

Vigor2133 Series User’s Guide

271

packets per second and 10 seconds, respectively. That

means, when 2000 packets per second received, they will

be regarded as “attack event” and the session will be

paused for 10 seconds.

Enable ICMP flood defense

Check the box to activate the ICMP flood defense function.

Similar to the UDP flood defense function, once if the

Threshold of ICMP packets from Internet has exceeded the

defined value, the router will discard the ICMP echo

requests coming from the Internet.

The default setting for threshold and timeout are 250

packets per second and 10 seconds, respectively. That

means, when 250 packets per second received, they will be

regarded as “attack event” and the session will be paused

for 10 seconds.

Enable Port Scan

detection

Port Scan attacks the Vigor router by sending lots of packets

to many ports in an attempt to find ignorant services would

respond. Check the box to activate the Port Scan

detection. Whenever detecting this malicious exploration

behavior by monitoring the port-scanning Threshold rate,

the Vigor router will send out a warning.

By default, the Vigor router sets the threshold as 2000

packets per second. That means, when 2000 packets per

second received, they will be regarded as “attack event”.

Block IP options Check the box to activate the Block IP options function.

The Vigor router will ignore any IP packets with IP option

field in the datagram header. The reason for limitation is IP

option appears to be a vulnerability of the security for the

LAN because it will carry significant information, such as

security, TCC (closed user group) parameters, a series of

Internet addresses, routing messages...etc. An

eavesdropper outside might learn the details of your

private networks.

Block Land Check the box to enforce the Vigor router to defense the

Land attacks. The Land attack combines the SYN attack

technology with IP spoofing. A Land attack occurs when an

attacker sends spoofed SYN packets with the identical

source and destination addresses, as well as the port

number to victims.

Block Smurf Check the box to activate the Block Smurf function. The

Vigor router will ignore any broadcasting ICMP echo

request.

Block trace route Check the box to enforce the Vigor router not to forward

any trace route packets.

Block SYN fragment Check the box to activate the Block SYN fragment function.

The Vigor router will drop any packets having SYN flag and

more fragment bit set.

Block Fraggle Attack Check the box to activate the Block fraggle Attack function.

Any broadcast UDP packets received from the Internet is

blocked.

Activating the DoS/DDoS defense functionality might block

some legal packets. For example, when you activate the

fraggle attack defense, all broadcast UDP packets coming

from the Internet are blocked. Therefore, the RIP packets

from the Internet might be dropped.