SMC Networks SMCBR21VPN User Manual

194

Define the required fields of Hacker Alert

Detect SYN Attack:
„ Select this option to detect TCP SYN attacks that hackers send to server

computers continuously to block or cut down all the connections of the

servers. These attacks will cause valid users cannot connect to the servers.
‹ 【SYN Flood Threshold(Total) Pkts/Sec】: The system Administrator

can enter the maximum number of SYN packets per second that is

allowed to enter the network/SMC BR21VPN. If the value exceeds the

setting one, and then the device will determine it as an attack.

‹ 【SYN Flood Threshold(Per Source IP) Pkts/Sec】: The system

Administrator can enter the maximum number of SYN packets per

second from attacking source IP Address that is allowed to enter the

network/SMC BR21VPN. And if value exceeds the setting one, and

then the device will determine it as an attack.

‹ 【SYN Flood Threshold Blocking Time(Per Source IP) Seconds】:

When the SMC BR21VPN determines as being attacked, it will block

the attacking source IP address in the blocking time you set. After

blocking for certain seconds, the device will start to calculate the max

number of SYN packets from attacking source IP Address. And if the

max number still exceed the define value, it will block the attacking IP

Address continuously.

Detect ICMP Attack:
„ When Hackers continuously send PING packets to all the machines of the

LAN networks or to the SMC BR21VPN via broadcasting, your network is

experiencing an ICMP flood attack.
‹ 【ICMP Flood Threshold( Total) Pkts/Sec】: The System

Administrator can enter the maximum number of ICMP packets per

second that is allow to enter the network/SMC BR21VPN. If the value

exceeds the setting one, and then the device will determine it as an

attack.