Attack Description and Action Taken
Excessive Session Detection Blaster or similar worm intrusion detection
TCP/UDP Port Scan UDP port scan detected - drop packet
TCP port scan detected - drop packet
Invalid Source/Destination IP IP source address is broadcast or multicast - drop packet
address (scan inbound TCP destination IP address is not unicast - drop packet
and outbound packets) IP source and destination address are the same - drop packet
Invalid IP sour
ce received from private/home network - drop packet
Packet Flood SYN Flood detected - stop SYN Flood
(SYN/UDP
/ICMP
/ Other)
UDP Flood det
ect
ed - stop UDP Flood
ICMP Flood detected - stop ICMP Flood
Other Flood det
ected - stop Other Flood
Invalid TCP Flag Attacks TCP SYN/FIN attack detected - drop packet
(NULL/XMAS/Other) TCP NULL attack detected - drop packet
(scan inbound and outbound pack
ets)
T
CP XMAS attack det
ected - drop packet
Invalid TCP flags attack detected - drop packet
Invalid ICMP Detection Invalid ICMP type/code attack detected - drop packet
Miscellaneous Port 0 attack detected - drop packet
TCP SYN packet - drop packet
Not a s
tar
t session pack
et - dr
op packet
ICMP destination unreachable - terminate session
S
tateful Packet Inspection for DMZplus and other public IP address
Attack detection
The BT Business Hub provides a robust business-grade firewall
to protect all devices on the local network. There are some
applications and devices that require the use of specific data
ports through the firewall. The BT Business Hub allows users
to open the necessary ports through the firewall using the
Firewall Settings page. If the user requires that a computer
has all incoming traffic available to it, this computer can
be set to the DMZplus mode. While in DMZplus mode, the
computer is still protected against numerous broadband
attacks (such as SYN FLOOD, Invalid TCP flag attacks, etc.)
In rare cases, the incoming traffic may be inadvertently
blocked by the firewall (for example when integrating with
external third-party firewalls or VPN servers).
You may need to disable one or more of the attack detection
capabilities for any device placed in the DMZplus. In this case,
the third-party server provides the attack protection normally
provided by the BT Business Hub.
The f
ollowing table lists the attacks for which the BT Business
Hub firewall filters continuously check.
To disable a specific attack detection capability, deselect the
applicable checkbox and click ‘SAVE’.
Note: It is highly recommended that any computer in the DMZplus has its own
firewall protection. This applies for both single IP and dynamic service offerings.
18
(11 pages)
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals