Intrusion detection – Niveo Professional NWAR33P User Manual

118

Intrusion Detection

The router Intrusion Detection System (IDS) is used to detect hacker‟s attack and intrusion
attempts from the Internet. If the IDS function of the firewall is enabled, inbound packets are
filtered and blocked depending on whether they are detected as possible hacker attacks,
intrusion attempts or other connections that the router determines to be suspicious.

Max TCP Open Handshaking Count: This is a threshold value to decide whether a SYN Flood
attempt is occurring or not. Default value is 100 TCP SYN per seconds.

Max PING Count: This is a threshold value to decide whether an ICMP Echo Storm is occurring
or not. Default value is 15 ICMP Echo Requests (PING) per second.

Max ICMP Count: This is a threshold to decide whether an ICMP flood is occurring or not.
Default value is 100 ICMP packets per seconds except ICMP Echo Requests (PING).

Log: Select Enable for this option if you will like to capture the logs for this Packet filter policy.

Block WAN Ping

This feature is to be enabled when you want the public WAN IP address on your router not to
respond to any ping command.

This feature is disabled by default. To activate the Block WAN PING feature, check the Enable
box and then click the Apply button.