Security Settings
WinRoute provides several security options which cannot be defined by traffic rules. These options can be set in the Security settings tab of the Configuration / Advanced Options section.
Anti-Spoofing
Spoofing is a process of translating the IP address of a given packet so that a firewall will believe the request came from a trusted source. Although the packet cannot be routed back to the initial source, there is potential for unnecessary network congestion and possible denial of service. WinRoute is capable of monitoring traffic to verify that packets arriving on an interface do not have a source address which is associated with a network of an opposing interface. In other words, such traffic (although possible) is never justified and should therefore be discarded.
The Anti-Spoofing function can be configured in the Anti-Spoofing folder in Configuration / Advanced Options.
Enable Anti-Spoofing
This option activates Anti-Spoofing.
Log
If this option is on, all packets that have not passed the anti-spoofing rules will be logged in the Security log (for details see chapter Security Log).
Connections Count Limit
This function defines a limit for the maximum number of connections per host. This function can be enabled/disabled and set through the Security Settings tab in Configuration / Advanced Options.
This function can be helpful especially for the following cases:
-
Any service (e.g. WWW server) which is available from the Internet (allowed by traffic rules see chapter Traffic Policy) is running on the local network. Connection count limits protect internal servers from flooding (DoS type attacks Denial of Service).
In this case, the limit is applied to the local server sum of all connections of all connected clients must not exceed this limit.
-
Client computer (workstation) in the local network is attacked by a worm or a Trojan horse which is trying to establish a connection to many servers. Connection count limits protects the WinRoute host from flooding and it can reduce undesirable activities by worms and trojan horses.
In this case, the limit is applied to a host (workstation) in the local network the sum of all connections established from this computer to individual servers in the Internet must not exceed the limit.
