User's Manual

ManualsBrandsSHANGHAI UTT TECHNOLOGIES ManualsElectronicsRouter

321

322

323

324

325

326

327

328

329

330

UTT Technologies Chapter 12 Security

http://www.uttglobal.com Page 310

exceeds the threshold, the Device will consider that the LAN host with IP address

192.168.16.66 is performing UDP flood attack, and then randomly discard the further

UDP packets from that source to that destination. In most cases, leave Threshold

the default value.

 Enable ICMP Flood Defense: It allows you to enable or disable ICMP flood defense.

If you select this check box to enable this feature, it will effectively protect the Device

against ICMP flood attack. After you enable this feature, if the number of ICMP

packets from one source IP address (e.g., 192.168.16.16) to a single port on a

remote host exceeds the threshold, the Device will consider that the LAN host with IP

address 192.168.16.16 is performing ICMP flood attack, and then randomly discard

the further ICMP packets from that source to that destination. In most cases, leave

Threshold the default value.

 Enable SYN Flood Defense: It allows you to enable or disable SYN flood defense. If

you select this check box to enable this feature, it will effectively protect the Device

against SYN flood defense. After you enable this feature, if the number of SYN

packets from one source IP address (e.g., 192.168.16.36) to a single port on a

remote host exceeds the threshold, the Device will consider that the LAN host with IP

address 192.168.16.36 is performing SYN flood attack, and then randomly discard

the further SYN packets from that source to that destination. In most cases, leave

Threshold the default value.

 Enable ARP Spoofing Defense: It allows you to enable or disable ARP spoofing

defense. If you select the check box to enable this feature, and then bind all the

IP/MAC address pairs of the LAN hosts (configured in the Security > IP/MAC

Binding page), it will effectively protect the Device against ARP spoofing attack.

 ARP Broadcast Interval: It specifies the time interval at which the Device

periodically broadcasts gratuitous ARP packets. These gratuitous ARP packets are

used to inform the LAN hosts the correct MAC address of the Device¶s LAN interface,

so the LAN hosts can effectively defense ARP spoofing attack. It should be multiple of

10 between 100 and 5000 milliseconds.

2. Access Restrict

 Enable Device Access Restrict: It allows you to enable or disable device access

restrict. Select the check box WRUHVWULFW/$1KRVWV¶DFFHVVWRWKH'HYLFHWKURXJK/$1

interface, so it will protect the Device against internal DDoS attacks. The access

restrict rules are as follows:

1) Allow any LAN host to use ICMP to access the Device.

2) Allow any LAN host to access the UDP port 53, 67 or 68 of the Device, to ensure

that the Device¶s DNS proxy, DHCP server and DHCP client can operate

properly.