home *** CD-ROM | disk | FTP | other *** search
- 0#GENERAL POLICY
- 1#FOREIGN ATTACKS CONTROL (Trojans, Scans,...)
- 2#It is Highly recommended to BLOCK received communication from a host that you
- did not address. It's unusual to receive a communication from a computer you did not address first
- unless you have installed a server on your machine (Web server ..)
- or you are located on a Local Area Network(LAN).
- Please ask your local administrator about the decision to take.
- In a modem-connection to Internet, such kind of communications,
- have as origin a hacking machine (Trojan, scans), trying to attack,
- or analyze your machine resistance.
- 3#Discard these packets
- 4#PROTOCOLS OTHER THAN TCP/IP PROTOCOLS
- 5#If you use only Internet and if your station is not apart of a Novell Local area Network,
- and if you are not running or using an application build on NETbeui (an IBM specific protocol,
- used in some Microsoft environments),
- It is RECOMMENDED to block communications using other protocols than IP protocols
- If you are connected to a LAN, please ask your security administrator about the decision to take.
- 6#Drop those protocols
- 7#ICMP
- 8#It is recommended to block ICMP packets, if you have a modem-connection to the Internet,
- since the information and actions related to this protocol can be the source of attacks
- on your machine and also on other machines of the Internet
- (see "Smurf Attacks" and more details about those kinds of attacks in the help file of this wizard).
- If you are connected to a LAN, please ask your security administrator about the decision to take,
- since this protocol can be useful at the level of this kind of Networks.
- 9#Block ICMP packets
- 10#ARP AND RARP BLOCKING
- 11#It is HIGHLY recommended to allow ARP and RARP paquets,
- otherwize you will be preventing your computer from many other services
- 12#Allow ARP/RARP paquets
- 13#DROP FRAGMENTS
- 14#It is recommended to activate this option, which drop packets that come fragmented,
- since some attacks are based on holes in the process
- of reassembly of (IP) communication messages.
- 15#Drop fragments
- 16#DROP UNROUTED IP ADDRESSES
- 17#It is recommended to activate this option, which drop unrouted ip addresses,
- since some attacks are based on these addresses
- Unless you are using this unrouted ip addresses for your Local Network Area.
- In case of LAN, please ask your security administrator about the decision to take.
- 18#Drop unrouted ip addresses
- 19#IP SPOOFING Protection
- 20#It is recommended to activate this option,
- to insure that your computer will not be a source of attacks to others;
- Using tools that change the source (IP) address of the communications(IP Spoofing),
- in purpose to hack other computers.
- (see More details about those kinds of attacks in the help file of this wizard).
- You have to be aware that a little overhead will be occasioned by choosing this option.
- 21#Use this option
- 22#Incoming Netbios Broadcasts
- 23#It is recommended to block incoming netbios broadcasts
- when Foreign Attacks Control option is set to Ask For Action.
- Otherwise SPHINX will consider them as foreign connections attempts.
- Thus you will be asked about the action each time a flow of this kind is intercepted.
- 24#Drop netbios broadcasts
- 25#Identification Broadcasts
- 26#It is recommended to block identification broadcasts
- when Foreign Attacks Control option is set to Ask For Action.
- Otherwise SPHINX will consider them as foreign connections attempts.
- Thus you will be asked about the action each time a flow of this kind is intercepted.
- 27#Drop identification broadcasts
- 28#Network Adapter Settings
- 29#To work with all the previous options you have set,
- you should set the network adapter to personalized.
- In case you are not sure about your previous settings, you have only to choose
- your network adapter, according to that SPHINX will configure the general policy settings.
- 30#Set to personalized
- //end Policy Wizard panel
-
