User guide
C
ONFIGURING
THE
W
IRELESS
54M
BPS
ADSL R
OUTER
50
• DoS Detect Criteria
Set up DoS detect and port scan criteria in the spaces provided.
Note: The firewall does not significantly affect system
performance, so we advise enabling the prevention features to
protect your network.
DMZ
If you have a client PC that cannot run an Internet application
properly from behind the firewall, you can open the client up to
unrestricted two-way Internet access. Enter the IP address of a DMZ
(Demilitarized Zone) host on this screen. Adding a client to the DMZ
Parameter Defaults Description
Total incomplete
TCP/UDP sessions
HIGH
300
sessions
Defines the rate of new unestablished sessions
that will cause the software to
start
deleting half-
open sessions.
Total incomplete
TCP/UDP sessions
LOW
250
sessions
Defines the rate of new unestablished sessions
that will cause the software to
stop
deleting half-
open sessions.
Incomplete TCP/UDP
sessions (per min)
HIGH
250
sessions
Maximum number of allowed incomplete
TCP/UDP sessions per minute.
Incomplete TCP/UDP
sessions (per min)
LOW
200
sessions
Minimum number of allowed incomplete
TCP/UDP sessions per minute.
Maximum incomplete
TCP/UDP sessions
number from same
host
10 Maximum number of incomplete TCP/UDP
sessions from the same host.
Incomplete TCP/UDP
sessions detect
sensitive time period
300
msec
Length of time before an incomplete TCP/UDP
session is detected as incomplete.
Maximum half-open
fragmentation packet
number from same
host
30 Maximum number of half-open fragmentation
packets from the same host.
Half-open
fragmentation detect
sensitive time period
10000
msec
Length of time before a half-open fragmentation
session is detected as half-open.
Flooding cracker block
time
300 sec Length of time from detecting a flood attack to
blocking the attack.