User Manual
Table Of Contents
- Copyright
- Notice
- Trademarks
- Europe – EU Declaration of Conformity
- Contents
- About this Guide
- Purpose
- Prerequisite Skills and Knowledge
- Conventions Used in this Document
- Help Us to Improve this Document!
- Browan Technical Support
- Chapter 1 – Introduction
- Chapter 2 - Installation
- Chapter 3 – Application Mode
- Chapter 4 – Reference Manual
- Welcome | Wizard
- Welcome | Wizard | Setup Wizard
- Welcome | Notice Board
- Welcome | Password
- Welcome | Wizard
- LAN Settings | Unit Configuration
- LAN Settings | Static DHCP Assignment
- LAN Settings | DHCP lease table
- Wireless Settings | Configuration
- Wireless Settings | Encryption
- Wireless Settings | WDS
- Wireless Settings | WMM
- Wireless Settings | Connection Control
- Wireless Settings | Client List
- Wireless Settings | Advanced
- Wireless Settings | Multiple SSIDs
- Internet Settings | Connection to ISP
- Firewall | Virtual Servers
- Firewall | Special Apps
- Firewall | SPI
- Firewall | QoS
- Firewall | Internet Access Policy
- Firewall | URL Filter
- System Tools | Restart
- System Tools | Time Zone
- System Tools | Configuration
- System Tools | Upgrade
- Advanced | Static Route
- Advanced | RIP
- Advanced | DDNS
- Advanced | Security
- Advanced | Proxy ARP
- Advanced | 1 to 1 NAT
- Advanced | SNMP
- Status and Logs | Status
- Status and Logs | Logs
- Status and Logs | Routing Table
- Status and Logs | Syslog
- Support | Support
- Appendix
BROWAN COMMUNICATIONS Page 128
Firewall | SPI
The Router inspects packets at the application layer, and
maintains TCP and UDP session information, including
timeouts and the number of active sessions. The Router
also provides the ability to detect and prevent certain types
of network attacks such as DOS attacks. Network attacks
that deny access to a network device are called
denial-of-service (DOS) attacks. Denials of Service (DOS)
attacks are aimed at devices and networks with a
connection to the Internet. The goal is not to steal
information, but to disable a device or network so users no
longer have access to network resources.
By using above inspected information and
timeout/threshold criteria, the Router provide following DOS
attacks prevention: Ping of Death (Ping flood) attack, SYN
flood attack, IP fragment attack (Teardrop Attack), Land
Attack, IP Spoofing attack, IP with zero length, TCP null
scan (Port Scan Attach), UDP port loopback, Stork Attack
etc.