Attack Detection Options Window (Protect)
This plug-in informs you of a possible attack on your computer from the Internet or the network your computer is connected to. It also recommends the steps to be taken in order to prevent damage to your computer.
The Attack Detection plug-in lets you specify the conditions in which a warning is to be displayed. It also has response settings that will be used if a specified security level is exceeded.
Figure 21
Attack Detection Options Window (Protect)
In the Alarm Level section, move the slider up or down to set a higher or lower level of alarm:
Maximum---A Port Scanned warning is displayed if even a single scanning of your port is detected.
Normal--- A Port Scanned warning is displayed if several ports are scanned or if a specific port is scanned that NCF recognizes as one that is commonly used in attacks.
Minimum---A Port Scanned warning is displayed if a multiple attack is definitely detected.
The lower half of the window lets you specify the steps NCF is to follow if an attack on your computer is detected:
Block the Intruder's IP For---Blocks all network exchanges from the computer attacking yours for the number of minutes you set (default = 60).
Also Block Intruder's Subnet---Blocks all network exchanges from the entire subnet that the intruder belongs to.
Block Local Port If DoS Attack Is Detected--- Blocks the local port if a DoS (Denial of Service) attack is detected.
For more information about fine-tuning this plug-in, read the install\protect.lst file.