User's Manual
UTT Technologies Chapter 12 Security
http://www.uttglobal.com Page 311
3) Only allow the LAN hosts that belong to the range specified by Allowed IP
Addresses to access the web or telnet service provided by the Device, but block
the other hosts.
4) Block LAN hosts from accessing any other services provided by the Device.
Allowed IP Addresses: It specifies an address range of the allowed LAN hosts.
When Enable Device Access Restrict is selected, only the LAN hosts that belong to
this range can access the web or telnet service provided by the Device.
Threshold: It specifies the maximum number of packets passing through the
'HYLFH¶V/$1LQWHUIDFHSHUVHFRQGIt should be between 0 and 20000 packets per
second, and the suggested value is between 300 and 600 packets per second.
3. Other Defense
Enable Port Scanning Defense: It allows you to enable or disable port scanning
defense. If you select this check box to enable this feature, it will effectively protect
the Device against port scanning attack. After you enable this feature, if a LAN host
continuously sends the SYN packets to different ports on a remote host, and the
number of ports exceeds 10 at the specified time interval (set by the Threshold), the
Device will consider that the LAN host is performing port scanning attack, and then
randomly discard the further SYN packets from it to that destination host. In most
cases, leave the Threshold the default value.
¾ Save: Click it to save the internal attack defense settings.
12.1.2 External Attack Defense
In this page you can enable or disable WAN ping respond. As ping is often used by
malicious Internet users to locate active networks or hosts, in most cases, it is
recommended that you disable WAN ping respond for added security. Only in some
special cases, such as network debugging, you need enable this feature.
Figure 12-2 External Attack Defense Settings