Some virus are using “PING” command to attack network, AirLive IGR-2500 can be defined as accept or
reject “PING” command from WAN or LAN. (Figure 3-24)
Figure 3-24 Disable Ping respond
Function Description
IP Fragments Checking
Checking the IP fragments. When it finds someone from WAN side tries
to attack your network using overlap IP fragments in a bad attention, this
function will check over these packets and drop them.
IP Address spoofing
Finding out whether the source address(s) and destination address(s)
are legal IP’s or not. If they are illegal IP’s or multicast addresses, this
function will cast these packets away.
Oversized Ping
Dropping the packets of “ping” which exceed the size you set. The default
value is 32 bytes.
Drop IP Packet with
Source Route Option
Casing a packet away when it contains source route option(s) in its IP.
Port Scan
When an IP from Internet tries to scan the IP of IGR-2500 up to
10000ports/sec (default value), this function will drop all the packets from
this IP within 5 minutes (default value).
TCP SYN Flooding
(WAN)
When a destination address and destination port of IGR-2500 receives
TCP SYN packet from WAN over 10000 times (default value) in one
second, IGR-2500 will close this address and port for 5 minutes (default
value) temporarily.
TCP SYN Flooding
(LAN)
When an IP in LAN of IGR-2500 tries to send TCP SYN packet over
10000 times (default value) in one second, IGR-2500 will close this
source address for 5 minutes (default value) temporarily.
ICMP Flooding (WAN)
When a destination address of IGR-2500 receives ICMP from WAN over
10000 times (default value) in one second, IGR-2500 will close this
address for 5 minutes (default value) temporarily.
ICMP Flooding (LAN)
When an IP in LAN of IGR-2500 tries to send ICMP over 10000 times
(default value) in one second, IGR-2500 will close this source address for
5 minutes (default value) temporarily.
UDP Flooding (WAN)
When a destination address of IGR-2500 receives UDP from WAN over
10000 times (default value) in one second, IGR-2500 will close this
address for 5 minutes (default value) temporarily.
UDP Flooding (LAN)
When an IP in LAN of IGR-2500 tries to send UDP over 10000 times
(default value) in one second, IGR-2500 will close this source address for
5 minutes (default value) temporarily.
30