User Manual

More documents

Recommendations

Info

ICMP protocol Reference: Configuration options The Internet Control Message Protocol (ICMP) is used to exchange error and information messages on networks. The protocol is also used for status messages with ping or tracer. With this rule, you can define the incoming and outgoing blocked message types, the behavior in case of flooding and the reaction to fragmented ICMP packets. This rule serves for preventing so-called ICMP flood attacks, which results in an increase of the CPU load of the attacked machine as it responds to every packet. Predefined rules for the ICMP protocol Setting Rules Low Incoming blocked types: no type. Outgoing blocked types: no type. Assume flooding if delay between packets is less than 50 ms. Reject fragmented ICMP packets. Medium Same rule as for the Low level. High Incoming blocked types: several types Outgoing blocked types: several types Assume flooding if delay between packets is less than 50 ms. Reject fragmented ICMP packets. Incoming blocked types: no types/several types With a mouse click on the link a list of ICMP packet types is displayed. From this list you can specify the desired incoming ICMP message types you want to block. Outgoing blocked types: no types/several types With a mouse click on the link a list of ICMP packet types is displayed. From this list you can select the desired outgoing ICMP message types you want to block. Assume Flooding With a mouse click on the link, a dialog box is displayed where you can enter the maximum allowed ICMP delay. Example: 50 milliseconds. Avira Professional Security - User Manual (Status: 30 Mar. 2012) 126
Fragmented ICMP packets Reference: Configuration options With a mouse click on the link, you have the choice between "Reject" and "Don't reject" fragmented ICMP packets. TCP port scan With this rule, you can define when a TCP port scan is assumed by the FireWall and what should be done in this case. This rule serves for preventing so-called TCP port scan attacks that result in a detection of open TCP ports on your computer. This kind of attack is used to search a computer for weak spots and is often followed by more dangerous attack types. Predefined rules for the TCP Port Scan Setting Rules Low Assume a TCP Port Scan if 50 or more ports were scanned in 5,000 milliseconds. When detected, log attacker's IP and don't add rule to block the attack. Medium Assume a TCP Port Scan if 50 or more ports were scanned in 5,000 milliseconds. When detected, log attacker's IP and add rule to block the attack. High Same rule as for Medium level. Ports With a mouse click on the link a dialog box appears in which you can enter the number of ports that must have been scanned so that a TCP port scan is assumed. Port scan time window With a mouse click on this link a dialog box appears in which you can enter the time span for a certain number of port scans, so that a TCP port scan is assumed. Event database Rule With a mouse click on the link you have the choice between "log" and "don't log" the attacker's IP address. With a mouse click on the link you have the choice between "add" and "don't add" the rule to block the TCP port scan attack. Avira Professional Security - User Manual (Status: 30 Mar. 2012) 127
Page 1 and 2:
Avira Professional Security User Ma
Page 3 and 4:
Table of Contents Introduction 1. I
Page 5 and 6:
Introduction 9. Viruses and more ..
Page 7 and 8:
1. Introduction Your Avira product
Page 9 and 10:
2. Product information This chapter
Page 11 and 12:
� For the program installation: A
Page 13 and 14:
3. Installation and uninstallation
Page 15 and 16:
Install Installation and uninstalla
Page 17 and 18:
The Avira Tray Icon is placed in th
Page 19 and 20:
Installation and uninstallation The
Page 21 and 22:
Installation and uninstallation �
Page 23 and 24:
Note Please note that an installati
Page 25 and 26:
� /remsilentaskreboot Installatio
Page 27 and 28:
� AVWinIni (optional) Installatio
Page 29 and 30:
Overview of Avira Professional Secu
Page 31 and 32:
Page 33 and 34:
Page 35 and 36:
Page 37 and 38:
4.2 How to...? 4.2.1 Overview Overv
Page 39 and 40:
� Maximize: Entire job window Cli
Page 41 and 42:
Page 43 and 44:
Select the profile to be scanned. C
Page 45 and 46:
Automatic Overview of Avira Profess
Page 47 and 48:
Repair boot sector | Download repai
Page 49 and 50:
Web Protection actions: Deny access
Page 51 and 52:
Page 53 and 54:
Page 55 and 56:
- OR - Overview of Avira Profession
Page 57 and 58:
5. System Scanner With the System S
Page 59 and 60:
Updates Updates can be obtained fro
Page 61 and 62:
8. FAQ, Tips This chapter contains
Page 63 and 64:
Reason: Avira Realtime Protection i
Page 65 and 66:
The Configuration dialog box is dis
Page 67 and 68:
Alt + ↓ F4 Open selected drop-dow
Page 69 and 70:
Del Delete selected profile FireWal
Page 71 and 72:
8.3.2 The Windows Security Center a
Page 73 and 74:
Note In order for the Windows Secur
Page 75 and 76: Windows Action Center, under the Se
Page 77 and 78: Virus protection TURNED OFF FAQ, Ti
Page 79 and 80: Windows Defender OUT OF DATE You re
Page 81 and 82: Dialer Viruses and more Certain ser
Page 83 and 84: Viruses and more registration autho
Page 85 and 86: Viruses and more reason he is never
Page 87 and 88: 10. Info and Service This chapter c
Page 89 and 90: 11. Reference: Configuration option
Page 91 and 92: Reference: Configuration options an
Page 93 and 94: Action on detection Reference: Conf
Page 95 and 96: Repair Reference: Configuration opt
Page 97 and 98: Reference: Configuration options Th
Page 99 and 100: Input box Add Delete Reference: Con
Page 101 and 102: Off Reference: Configuration option
Page 103 and 104: Scan when writing Reference: Config
Page 105 and 106: Rename Reference: Configuration opt
Page 107 and 108: Warning The affected file remains a
Page 109 and 110: Reference: Configuration options Wh
Page 111 and 112: Delete Reference: Configuration opt
Page 113 and 114: enable AHeAD Reference: Configurati
Page 115 and 116: Delete Reference: Configuration opt
Page 117 and 118: Complete Reference: Configuration o
Page 119 and 120: Start job while connecting to the I
Page 121 and 122: 11.4.2 Restart settings Reference:
Page 123 and 124: Use the following connection This s
Page 125: Login name Enter a user name to log
Page 129 and 130: Reference: Configuration options Wa
Page 131 and 132: Filtered content: bytes Reference:
Page 133 and 134: Predefined rules for the ICMP traff
Page 135 and 136: IP address Reference: Configuration
Page 137 and 138: Reference: Configuration options Ac
Page 139 and 140: Buttons Button Description Add appl
Page 141 and 142: Block forever Reference: Configurat
Page 143 and 144: Show details on demand Reference: C
Page 145 and 146: � TCP Port Scan � UDP Port Scan
Page 147 and 148: Report file Rule Reference: Configu
Page 149 and 150: Setting Rules Low No incoming data
Page 151 and 152: Filtered content: Data Reference: C
Page 153 and 154: Filtered content: Data Reference: C
Page 155 and 156: Report file Reference: Configuratio
Page 157 and 158: Application list Reference: Configu
Page 159 and 160: Port scan Reference: Configuration
Page 161 and 162: Reference: Configuration options us
Page 163 and 164: Reference: Configuration options fi
Page 165 and 166: Reference: Configuration options No
Page 167 and 168: Add Delete Reference: Configuration
Page 169 and 170: High detection level Reference: Con
Page 171 and 172: Default Reference: Configuration op
Page 173 and 174: Ignore Reference: Configuration opt
Page 175 and 176: Reference: Configuration options yo
Page 177 and 178:
Attach Mail Protection footer Refer
Page 179 and 180:
SMTP Server Port Reference: Configu
Page 181 and 182:
Note The password is case-sensitive
Page 183 and 184:
Manually switch configuration Insta
Page 185 and 186:
Reference: Configuration options No
Page 187 and 188:
Reference: Configuration options Wa
Page 189 and 190:
Message to be sent Reference: Confi
Page 191 and 192:
Send test email Reference: Configur
Page 193 and 194:
Recipient(s) Reference: Configurati
Page 195 and 196:
No warning Reference: Configuration
Page 197 and 198:
11.9.8 Reports Options available in
Page 199:
This manual was created with great
show all

User Manual

Create successful ePaper yourself

Delete template?

Save as template?