2 stateful packet inspection, 3 defense against dos attacks – Asus SL1200 User Manual


Chapter 2 - Getting to Know the Internet Security Router

ASUS SL1200

• Use of the wild card for composing filter rules
• Filter Rule priorities
• Time based filters
• Application specific filters
• User group based filters for remote access

2.4.1.2 Stateful Packet Inspection

The ASUS SL1200's firewall uses “stateful packet inspection”, which extracts the state-related information required for the security decision from each packet and maintains this information for evaluating subsequent connection attempts. It is application-aware and creates dynamic sessions that allow dynamic connections, so that no ports need to be opened other than the required ones. This provides a solution that is highly secure and that offers scalability and extensibility.
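
The following Python sketch is an added illustration of the session-table idea described above; it is not taken from the manual and is not the SL1200's firmware logic. All names (`Packet`, `StatefulFirewall`, `demo`) and the addresses are hypothetical, and the model is simplified: it tracks only the TCP handshake and ignores timeouts and which side sends each handshake packet.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: str      # TCP flags: "S", "SA", "A", "F", "R"
    inbound: bool   # True when the packet arrives on the WAN side

class StatefulFirewall:
    """Toy model (hypothetical names): sessions are created by a SYN only."""
    def __init__(self, open_ports=()):
        self.open_ports = set(open_ports)  # inbound ports explicitly opened
        self.sessions = {}                 # (lan, lport, wan, wport) -> state

    def check(self, p):
        # Both directions of a flow map to the same session key.
        key = (p.dst, p.dport, p.src, p.sport) if p.inbound else (p.src, p.sport, p.dst, p.dport)
        state = self.sessions.get(key)
        if state is None:
            if p.flags != "S" or (p.inbound and p.dport not in self.open_ports):
                return "DROP"              # no session and not an allowed new connection
            self.sessions[key] = "SYN_SENT"
            return "ALLOW"
        if "R" in p.flags or "F" in p.flags:
            del self.sessions[key]         # simplified teardown
            return "ALLOW"
        if state == "SYN_SENT" and p.flags == "SA":
            self.sessions[key] = "SYN_RCVD"
        elif state == "SYN_RCVD" and p.flags == "A":
            self.sessions[key] = "ESTABLISHED"
        elif state != "ESTABLISHED":
            return "DROP"                  # does not fit the handshake so far
        return "ALLOW"

def demo():
    fw = StatefulFirewall()
    lan, wan = "192.168.1.10", "203.0.113.5"  # constructed sample addresses
    trace = [
        Packet(wan, 80, lan, 40000, "SA", True),   # reply with no session
        Packet(lan, 40000, wan, 80, "S", False),   # LAN host opens connection
        Packet(wan, 80, lan, 40000, "SA", True),   # matching reply
        Packet(lan, 40000, wan, 80, "A", False),   # handshake completes
        Packet(wan, 80, lan, 40000, "A", True),    # data on established session
        Packet(wan, 5555, lan, 23, "S", True),     # new inbound, port not opened
    ]
    return [fw.check(p) for p in trace]
```

The same inbound SYN-ACK is dropped before the LAN host has opened the connection and allowed afterwards, which is the difference between stateful inspection and a static port filter.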

2.4.1.3 Defense against DoS Attacks

The firewall has an Attack Defense Engine that protects internal networks from known types of Internet attacks. It provides automatic protection from Denial of Service (DoS) attacks such as SYN flooding, IP smurfing, LAND, Ping of Death and all re-assembly attacks. It can drop ICMP redirects and IP loose/strict source routing packets. For example, the router's firewall provides protection from “WinNuke”, a widely used program that remotely crashes unprotected Windows systems on the Internet. The Internet Security Router Firewall also provides protection from a variety of common Internet attacks such as IP Spoofing, Ping of Death, Land Attack, Reassembly and SYN flooding.

Table 2.3 lists the types of attack protection provided by the router.
