1. Manuals
  2. Brands
  3. D-Link Manuals
  4. VoIP
  5. DVX-1000
  6. User manual

D-Link DVX-1000 User Manual page 38

Network telephone exchange
Hide thumbs Also See for DVX-1000:
Table of Contents

Advertisement

DVX-1000 User Manual
21.2.2.8 Source routed packets
Source routed packets are blocked on all the available interfaces.
21.2.2.9 TCP SYN cookie protection
A SYN Attack is a denial of service (DoS) attack that consumes all the resources on
your machine, forcing you to reboot. Denial of service attacks -attacks which
incapacitate a server due to high traffic volume or ones that tie-up system resources
enough that the server cannot respond to a legitimate connection request from a
remote system) are easily achievable from internal resources or external connections
via extranets and Internet.
The system is protected against TCP SYN attacks.
21.2.2.10 ICMP Redirect Acceptance
An ICMP Redirect tells the recipient system to over-ride something in its routing
table. It is legitimately used by routers to tell hosts that the host is using a non-
optimal or defunct route to a particular destination, i.e. the host is sending it to the
wrong router. The wrong router sends the host back an ICMP Redirect packet that
tells the host what the correct route should be. If the attacker can forge ICMP
Redirect packets, and if the target host pays attention to them, the attacker can alter
the routing tables on the host and possibly subvert the security of the host by
causing traffic to flow via a path the network manager didn't intend. ICMP Redirects
are also employed for denial of service attacks, where a host is sent a route that
loses it connectivity.
For protecting against this, the ICMP redirect is not accepted.
21.2.2.11 Sending ICMP redirect messages
For the same reason as mentioned above, it is not advisable to send ICMP redirect
messages.
21.2.2.12 Connections from IANA-reserved blocks
IANA has generated a list of reserved blocks of IP Address, from/to where the
connection is not allowed.
21.2.2.13 ICMP Source Quench Messages
An ICMP source quench is generated by a gateway or the destination host and tells
the sending end to ease up because it cannot keep up with the speed at which it's
receiving the data. This service is allowed.
21.2.2.14 ICMP Parameter Problem Messages
The ICMP Parameter Problem message is sent to the source host for any problem not
specifically covered by another ICMP message. Receipt of a Parameter Problem
message generally indicates some local or remote implementation error. These
messages are allowed.
D-Link Confidential
38

Advertisement

Table of Contents
loading

Related Manuals for D-Link DVX-1000

Related Products for D-Link DVX-1000

Table of Contents