User Manual
User Manual
User Manual
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
� TCP Port Scan<br />
� UDP Port Scan<br />
� Incoming rules<br />
� Incoming IP protocol rule<br />
� Outgoing rules<br />
� Buttons to manage the rules<br />
ICMP protocol<br />
Reference: Configuration options<br />
The Internet Control Message Protocol (ICMP) is used to exchange error and information<br />
messages on networks. The protocol is also used for status messages with ping or tracer.<br />
With this rule, you can define the incoming and outgoing blocked message types, the<br />
behavior in case of flooding and the reaction to fragmented ICMP packets. This rule<br />
serves for preventing so-called ICMP flood attacks, which results in an increase of the<br />
CPU load of the attacked machine as it responds to every packet.<br />
Predefined rules for the ICMP protocol<br />
Setting Rules<br />
Low Incoming blocked types: no type.<br />
Outgoing blocked types: no type.<br />
Assume flooding if delay between packets is less<br />
than 50 ms.<br />
Reject fragmented ICMP packets.<br />
Medium Same rule as for the low level.<br />
High Incoming blocked types: several types<br />
Outgoing blocked types: several types<br />
Assume flooding if delay between packets is less<br />
than 50 ms.<br />
Reject fragmented ICMP packets.<br />
Incoming blocked types: no types/several types<br />
With a mouse click on the link a list of ICMP packet types is displayed. From this list<br />
you can specify the desired incoming ICMP message types you want to block.<br />
Avira Professional Security - <strong>User</strong> <strong>Manual</strong> (Status: 30 Mar. 2012) 145