User Manual
User Manual
User Manual
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Report file<br />
Rule<br />
Reference: Configuration options<br />
With a mouse click on the link you have the choice to log or not to log the attacker's IP<br />
address.<br />
With a mouse click on the link you have the choice to add or not to add the rule to<br />
block the TCP port scan attack.<br />
UDP port scan<br />
With this rule, you can define when a UDP port scan is assumed by the FireWall and what<br />
should be done in this case. This rule prevents so-called UDP port scan attacks that result<br />
in a detection of open UDP ports on your computer. This kind of attack is used to search a<br />
computer for weak spots and is often followed by more dangerous attack types.<br />
Predefined rules for the UDP port scan<br />
Setting Rules<br />
Low Assume a UDP port scan if 50 or more ports were<br />
scanned in 5,000 milliseconds.<br />
When detected, log attacker's IP and don't add<br />
rule to block the attack.<br />
Medium Assume a UDP port scan if 50 or more ports were<br />
scanned in 5,000 milliseconds.<br />
When detected, log attacker's IP and add rule to<br />
block the attack.<br />
High Same rule as for medium level.<br />
Ports<br />
With a mouse click on the link a dialog box appears in which you can enter the number<br />
of ports that must have been scanned so that a UDP port scan is assumed.<br />
Port scan time window<br />
With a mouse click on this link a dialog box appears in which you can enter the time<br />
span for a certain number of port scans, so that a UDP port scan is assumed.<br />
Report file<br />
With a mouse click on the link you have the choice to log or not to log the attacker's IP<br />
address.<br />
Avira Professional Security - <strong>User</strong> <strong>Manual</strong> (Status: 30 Mar. 2012) 147