4 application level gateway (alg), 5 url filtering, 6 log and alerts – Asus SL1200 User Manual
Page 25
8
Chapter 2 - Getting to Know the Internet Security Router
ASUS SL1200
Table 2.3. DoS Attacks
Type of Attack
Name of Attacks
Re-assembly attacks
Bonk, Boink, Teardrop (New Tear), Overdrop, Opentear,
Syndrop, Jolt
ICMP Attacks
Ping of Death, Smurf, Twinge
Flooders
ICMP Flooder, UDP Flooder, SYN Flooder
Port Scans
TCP XMAS Scan, TCP Null Scan, TCP SYN Scan, TCP
Stealth Scan
TCP Attacks
TCP sequence number prediction, TCP out-of sequence
attacks
Protection with PF Rules Echo-Chargen, Ascend Kill
Miscellaneous Attacks
IP Spoofing, LAND, Targa, Tentacle MIME Flood,
Winnuke, FTP Bounce, IP unaligned time stamp attack
2.4.1.4 Application Level Gateway (ALG)
Applications such as FTP, and games dynamically open connections
based on the respective application parameter. To go through the firewall
on the router, packets pertaining to an application, require a corresponding
allow rule. In the absence of such rules, the packets will be dropped by
the router's firewall. As it is not feasible to create policies for numerous
applications dynamically (without compromising security), intelligence in
the form of Application Level Gateways (ALG), is built to parse packets
for applications and open dynamic associations. The firewall provides
a number of ALGs for popular applications such as FTP, H.323, RTSP,
Microsoft Games, and SIP.
2.4.1.5 URL Filtering
A set of keywords that should not appear in the Uniform Resource Locator,
(URL such as
www.yahoo.com) can be defined. Any URL containing one
or more of these keywords will be blocked. This is a policy independent
feature. It cannot be associated to ACL rules. This feature can be
independently enabled or disabled, but works only if firewall is enabled.
2.4.1.6 Log and Alerts
Events in the network, which could affect its security, are recorded in the
router's System log file. Event details are recorded in the WebTrends
Enhanced Log Format (WELF) format so that statistical tools can be