Delete a service, View configured services, Configuring dos settings – Asus RX3041H User Manual

Chapter 9. Configuring Firewall/NAT Settings

RX3041H User’s Manual

66

4. Click on the

button to modify this service. The new settings for this service will then be

displayed in the service list table at the bottom half of the Service configuration page.

9.7.2.4 Delete

a

Service

To delete a service, follow the instructions below:

1. Open the Service List configuration page by clicking the Firewall

Î Advanced Î Service.

2. Select the service from the service drop-down list or click on the

icon of the service to be

modified in the service list table.

3. Click on the

button to delete this service. Note that the service deleted will be removed

from the service list table located at the bottom half of the same configuration page.

9.7.2.5 View

Configured

Services

To see a list of existing services, follow the instructions below:

1. Open the Service List configuration page by clicking the Firewall

Î Advanced Î Service.

2. The service list table located at the bottom half of the Service configuration page shows all the

configured services.

9.7.3

Configuring DoS Settings

The RX3041H has a proprietary Attack Defense Engine that protects internal networks from Denial of Service
(DoS) attacks such as SYN flooding, IP smurfing, LAND, Ping of Death and all re-assembly attacks. It can
drop ICMP redirects and IP loose/strict source routing packets. For example, a security device with the
RX3041H Firewall provides protection from “WinNuke”, a widely used program to remotely crash unprotected
Windows systems in the Internet. The RX3041H Firewall also provides protection from a variety of common
Internet attacks such as IP Spoofing, Ping of Death, Land Attack, Reassembly and SYN flooding. For a
complete list of DoS protection provided by the RX3041H, please see Table 2.3.

9.7.3.1

DoS Protection Configuration Parameters

Table 9.5 describes the configuration parameters available for DoS Protection.

Table 9.5. DoS Protection Configuration Parameters

Field

Description

SYN Flooding

Check or un-check this option to enable or disable protection against SYN
Flood attacks. This attack involves sending connection requests to a server,
but never fully completing the connections. This will cause some computers
to get into a "stuck state" where they cannot accept connections from
legitimate users. ("SYN" is short for "SYNchronize"; this is the first step in
opening an Internet connection). You can select this box if you wish to
protect the network from TCP SYN flooding. By default, SYN Flood
protection is enabled.

Winnuke

Check or un-check this option to enable or disable protection against
Winnuke attacks. Some older versions of the Microsoft Windows OS are
vulnerable to this attack. If the computers in the LAN are not updated with
recent versions/patches, you are advised to enable this protection by
checking this check box.

MIME Flood

Check or un-check this option to enable or disable protection against MIME
attacks. You can select this box to protect the mail server in your network
against MIME flooding.

FTP Bounce

Check or un-check this option to enable or disable protection against FTP
bounce attack In its simplest terms the attack is based on the misuse of the