5.3. Static DHCP Assignment .......................................................................185
5.3.1. DHCP Advanced Settings ............................................................185
5.4. DHCP Relaying ...................................................................................187
5.4.1. DHCP Relay Advanced Settings ................................................... 188
5.5. IP Pools .............................................................................................. 190
6. Security Mechanisms .......................................................................................193
6.1. Access Rules .......................................................................................193
6.1.1. Introduction ..............................................................................193
6.1.2. IP spoofing ............................................................................... 193
6.1.3. Access Rule Settings ..................................................................194
6.2. ALGs .................................................................................................196
6.2.1. Overview ................................................................................. 196
6.2.2. The HTTP ALG ........................................................................197
6.2.3. The FTP ALG ...........................................................................200
6.2.4. The TFTP ALG ......................................................................... 206
6.2.5. The SMTP ALG ........................................................................207
6.2.6. The POP3 ALG ......................................................................... 216
6.2.7. The SIP ALG ............................................................................216
6.2.8. The H.323 ALG ........................................................................ 226
6.2.9. The TLS ALG ........................................................................... 239
6.3. Web Content Filtering ...........................................................................242
6.3.1. Overview ................................................................................. 242
6.3.2. Active Content Handling .............................................................242
6.3.3. Static Content Filtering ...............................................................243
6.3.4. Dynamic Web Content Filtering ...................................................245
6.4. Anti-Virus Scanning .............................................................................259
6.4.1. Overview ................................................................................. 259
6.4.2. Implementation ......................................................................... 259
6.4.3. Activating Anti-Virus Scanning ....................................................260
6.4.4. The Signature Database ..............................................................260
6.4.5. Subscribing to the D-Link Anti-Virus Service .................................261
6.4.6. Anti-Virus Options .....................................................................261
6.5. Intrusion Detection and Prevention ..........................................................265
6.5.1. Overview ................................................................................. 265
6.5.2. IDP Availability in D-Link Models ...............................................265
6.5.3. IDP Rules .................................................................................267
6.5.4. Insertion/Evasion Attack Prevention ..............................................268
6.5.5. IDP Pattern Matching ................................................................. 269
6.5.6. IDP Signature Groups ................................................................. 270
6.5.7. IDP Actions .............................................................................. 271
6.5.8. SMTP Log Receiver for IDP Events ..............................................272
6.6. Denial-of-Service Attack Prevention ........................................................276
6.6.1. Overview ................................................................................. 276
6.6.2. DoS Attack Mechanisms ............................................................. 276
6.6.3. Ping of Death and Jolt Attacks .....................................................276
6.6.4. Fragmentation overlap attacks: Teardrop, Bonk, Boink and Nestea ......277
6.6.5. The Land and LaTierra attacks .....................................................277
6.6.6. The WinNuke attack ...................................................................277
6.6.7. Amplification attacks: Smurf, Papasmurf, Fraggle ...........................278
6.6.8. TCP SYN Flood Attacks ............................................................. 279
6.6.9. The Jolt2 Attack ........................................................................279
6.6.10. Distributed DoS Attacks ............................................................279
6.7. Blacklisting Hosts and Networks .............................................................280
7. Address Translation ........................................................................................283
7.1. NAT .................................................................................................. 283
7.2. NAT Pools .......................................................................................... 288
7.3. SAT ...................................................................................................291
7.3.1. Translation of a Single IP Address (1:1) .........................................291
7.3.2. Translation of Multiple IP Addresses (M:N) .................................... 294
7.3.3. All-to-One Mappings (N:1) ......................................................... 297
7.3.4. Port Translation .........................................................................297
7.3.5. Protocols handled by SAT ........................................................... 297
7.3.6. Multiple SAT rule matches ..........................................................298
User Manual
6