Kerio Tech KERIO WINROUTE FIREWALL 6 User Manual
Page 222
Chapter 17
Advanced security features
222
Figure 17.4
Security options — Anti-Spoofing and cutting down number of connections for one host
Anti-Spoofing
Anti-Spoofing checks whether only packets with allowed source IP addresses are received at
individual interfaces of the WinRoute host. This function protects WinRoute host from attacks
from the internal network that use false IP addresses (so called spoofing).
For each interface, any source IP address belonging to any network connected to the interface
is correct (either directly or using other routers). For any interface connected to the Internet
(so called external interface), any IP address which is not allowed at any other interface is
correct.
Detailed information on networks connected to individual interfaces is acquired in the routing
table.
The Anti-Spoofing function can be configured in the Anti-Spoofing folder in Configuration →
Advanced Options.
Enable Anti-Spoofing
This option activates Anti-Spoofing.
Log
If this option is on, all packets that have not passed the anti-spoofing rules will be logged
in the Security log (for details see chapter
Connections Count Limit
This security function defines a limit for the maximum number of network connections which
can be established from one local host (workstation) to the Internet or from the Internet to the
local server via a mapped port.
Incoming and outgoing connections are monitored separately. If number of all connections
established from/to a single local host in any direction reaches the specified value, WinRoute
block any further connections in the particular direction.