Attack Checks - D-Link DWC-1000 User Manual

Section 8 - Security
Path: Security > Firewall > Attack Checks
Attacks can be malicious security breaches or unintentional network issues that render the controller unusable
Attack checks allow you to manage Option security threats such as continual ping requests and discovery via
ARP scans. TCP and UDP flood attack checks can be enabled to manage extreme usage of Option resources.
Additionally certain Denial-of-Service (DoS) attacks can be blocked. These attacks, if uninhibited, can use up
processing power and bandwidth and prevent regular network services from running normally. ICMP packet
flooding, SYN traffic flooding, and Echo storm thresholds can be configured to temporarily suspect traffic from
the offending source.
1. Click Security > Firewall > Attack Checks.
2. Complete the fields from the table below and click Save.
Field
Stealth Mode
Block TCP Flood
Block UDP Flood
Allow Ping from LAN
Block ICMP Notification
D-Link DWC-1000 User Manual

Attack Checks

If this option is toggled to ON, the controller will not respond to port scans from the WAN.
This makes it less susceptible to discovery and attacks.
If this option is toggled to ON, the controller will drop all invalid TCP packets and be
protected from a SYN flood attack.
If this option is toggled to ON, the controller will not accept more than 20 simultaneous,
active UDP connections from a single computer on the LAN. You can set the number of
simultaneous active UDP connections to be accepted from a single computer on the LAN;
the default is 25.
Toggle to ON to allow local computers to ping.
Toggle to ON to prevent ICMP packets from being identified as such. ICMP packets, if iden-
tified, can be captured and used in a Ping (ICMP) flood DoS attack.
Description
248