Page 80

Chapter 9. Configuring Firewall/NAT Settings

Internet Security Router User

’s Manual

Click on the

button to create the new service. The new service will then be displayed in

the service list table at the bottom half of the Service Configuration page.

9.6.2.4

Modify a Service

To modify a service, follow the instructions below:

Open the Service List Configuration Page (see section 9.6.2.2 Access Service List Configuration

Page).

Select the service from the service drop-down list or click on the

icon of the service to be

modified in the service list table.

Make desired changes to any or all of the following fields: service name, public port and protocol.

Please see Table 9.5 for explanation of these fields.

Click on the

button to modify this service. The new settings for this service will then be

displayed in the service list table at the bottom half of the Service Configuration page.

9.6.2.5

Delete a Service

To delete a service, follow the instructions below:

Open the Service List Configuration Page (see section 9.6.2.2 Access Service List Configuration

Page).

Select the service from the service drop-down list or click on the

icon of the service to be

modified in the service list table.

Click on the

button to delete this service. Note that the service deleted will be removed

from the service list table located at the bottom half of the same configuration page.

9.6.2.6

View Configured Services

To see a list of existing services, follow the instructions below:

Open the Service List Configuration Page (see section 9.6.2.2 Access Service List Configuration

Page).

The service list table located at the bottom half of the Service Configuration page shows all the

configured services.

9.6.3

Configuring DoS Settings

The Internet Security Router has a proprietary Attack Defense Engine that protects internal networks from

Denial of Service (DoS) attacks such as SYN flooding, IP smurfing, LAND, Ping of Death and all re-assembly

attacks. It can drop ICMP redirects and IP loose/strict source routing packets. For example, a security device

with the Internet Security Router Firewall provides protection from

“WinNuke”, a widely used program to

remotely crash unprotected Windows systems in the Internet. The Internet Security Router Firewall also

provides protection from a variety of common Internet attacks such as IP Spoofing, Ping of Death, Land Attack,

Reassembly and SYN flooding. For a complete list of DoS protection provided by the Internet Security Router,

please see Table 2.3.

9.6.3.1

DoS Protection Configuration Parameters

Table 9.6 describes the configuration parameters available for DoS Protection.

Table 9.6. DoS Protection Configuration Parameters

Field

Description

SYN Flooding

Check or un-check this option to enable or disable protection against SYN

Flood attacks. This attack involves sending connection requests to a server,

but never fully completing the connections. This will cause some computers