Datasheet

ManualsBrandsZebra Manualscircuit protectionML-1499-LAK1-01R

181

182

183

184

185

186

187

188

189

190

AP-5131 Access Point Product Reference Guide

6-26

3. Refer to the Timeout Configuration field to define a timeout interval to terminate IP address

translations.

4. Refer to the Configurable Firewall Filters field to set the following firewall filters:

Disable Firewall Select the Disable Firewall checkbox to disable all firewall

functions on the

AP-5131. This includes firewall filters, NAT, VPN,

content filtering, and subnet access. Disabling the

AP-5131

firewall makes the

AP-5131 vulnerable to data attacks and is not

recommended during normal operation if using the WAN port.

NAT Timeout Network Address Translation (NAT) converts an IP address in one

network to a different IP address or set of IP addresses in a

different network. Set a NAT Timeout interval (in minutes) the

AP-5131 uses to terminate the IP address translation process if a

response no translation activity is detected after the specified

interval.

SYN Flood Attack

Check

A SYN flood attack requests a connection and then fails to

promptly acknowledge a destination host's response, leaving the

destination host vulnerable to a flood of connection requests.

Source Routing

Check

A source routing attack specifies an exact route for a packet's

travel through a network, while exploiting the use of an

intermediate host to gain access to a private host.

Winnuke Attack

Check

A "Win-nuking" attack uses the IP address of a destination host to

send junk packets to its receiving port.

FTP Bounce Attack

Check

An FTP bounce attack uses the PORT command in FTP mode to gain

access to arbitrary ports on machines other than the originating

client.

IP Unaligned

Timestamp Check

An IP unaligned timestamp attack uses a frame with the IP

timestamp option, where the timestamp is not aligned on a 32-bit

boundary.

Sequence Number

Prediction Check

A sequence number prediction attack establishes a three-way TCP

connection with a forged source address. The attacker guesses the

sequence number of the destination host response.

Mime Flood Attack

Check

A MIME flood attack uses an improperly formatted MIME header

in "sendmail" to cause a buffer overflow on the destination host.