• Hanbiro IPS Outline
• DDoS defend
• Type of attacks and blocks
• Customer Admin Page

Hanbiro will introduce the IPS for Self-developed DDoS.

Features

• AutoBlock is possible for TCP/ UDP/ ICMP attack
• Program Design to fix PS overload
• Apply various TCP attack patterns and popular attack patterns
• Able to block by inserting specific rule
• Able to set block and allow domestic and international connections
• White / black list configuration and operating
• Even the most normal traffic attack, defense is possible through TCP packet trace
• No additional configuration is required on the server to IPS
• No modification in oerating network
• White/ black list configuration and operating through a socket connection and server system

---

Traffic and Packet Tracking Table

• EXTERNAL(Red) → Incoming traffic packets from outside
• INTERNAL(Green) → After filtering in Hanbiro IPS, traffic and packet are sent to an internal server

Check the amount of traffic packets, packet total length every three minutes
By clicking on the line of time, the following table will be shown.

---

Detailed analysis table of packets

• Destination IP → Indicate whether packet was sent or not and sent to which server in Hanbiro IPS bottom
• Source IP → IP of accessed Clients IP

You can see IP, protocol, port, packet length, packet count, and packets percent by type of packet.
Length of the packet or count displays at least 20% of the packets in orange.
When attacks occur, the attack targeted IP and what type of attack packets can be determined.
If you click on a specific IP, detailed analysis of the sent and received packet of the destination IP is shown as below.

---

Detailed profiles by IP

It is possible to check packet count and traffic generated in destination IP, and what type of packet flows happened to a specific server.

---

Real-time packet status

The immediate and effective defense against attacks is available though a detailed analysis of the attack packets and real-time analysis of the flow type of the packet.