|
|
What are the special filters in the firewall system?
This article applies to: BlackICE Defender.
SUMMARY
The firewall settings are controlled by the file "firewall.ini".
Most of the settings deal with port filters, but some
control special conditions. This document explains these
features.
DETAILS
At the top of the file "firewall.ini", there is a section
labeled "[PARMS]". This contains individual
parameters that affect the firewalling functionality.
Note: The firewalling subsystem is independent
from the rest of the system; these parameters have no effect
on any other section, and in particular, are not related to
the intrusion detection subsystem.
The following is a list of parameters and their meanings.
| Parameter | Default | Meaning |
|---|
| auto-blocking | enabled | Whether intrusions should trigger firewall rules, as governed by the "issuelist.csv" file |
| auto-blocking.timeout | 900 | Number of seconds to block aggressive attackers |
| tunnel.dns | enabled | Uses stateful inspection to allow DNS and NetBIOS responses |
| block.badfrags | enabled | Blocks many DoS attacks that use fragmentation (teardrop, SYNdrop, Teardrop2, and Ping of Death |
| block.land | enabled | Blocks the Land attack and its variants |
Keywords: firewall parameters, firewall.ini
Version: all
Fixed: N/A
Modified: 1999-11-11
|
