WinRoute provides several security options which cannot be defined by traffic rules. These options can be set in the Security settings tab of the Configuration → Advanced Options section.
Anti-Spoofing checks that only packets with allowed source IP addresses are received at the individual interfaces of the WinRoute host. This function protects the WinRoute host from attacks from the internal network that use false IP addresses (so-called spoofing).
For each interface, any source IP address belonging to any network connected to the interface (either directly or through other routers) is correct. For any interface connected to the Internet (the so-called external interface), any IP address which is not allowed at any other interface is correct.
Detailed information on the networks connected to individual interfaces is acquired from the routing table.
The Anti-Spoofing function can be configured in the Anti-Spoofing folder in Configuration → Advanced Options.
This option activates Anti-Spoofing.
If this option is on, all packets that have not passed the anti-spoofing rules will be logged in the Security log (for details see chapter 22.11 Security Log).
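The two anti-spoofing rules above can be expressed as a lookup against a routing table. The following is an added example, not WinRoute code: the routing table, the interface names, and the use of the default route to identify the external interface are all assumptions made for illustration.

```python
import ipaddress

# Constructed routing table (destination network, interface); not WinRoute data.
ROUTES = [
    ("192.168.1.0/24", "LAN"),
    ("10.10.0.0/16", "LAN"),        # reached through an internal router
    ("172.16.5.0/24", "DMZ"),
    ("198.51.100.0/30", "Internet"),
    ("0.0.0.0/0", "Internet"),      # assumption: default route marks the external interface
]

def build_tables(routes):
    """Return ({interface: [networks]}, {external interfaces})."""
    allowed, external = {}, set()
    for dest, iface in routes:
        net = ipaddress.ip_network(dest)
        if net.prefixlen == 0:
            external.add(iface)
        else:
            allowed.setdefault(iface, []).append(net)
    return allowed, external

def source_is_valid(src, iface, allowed, external):
    """Apply the two anti-spoofing rules to one packet's source address."""
    addr = ipaddress.ip_address(src)
    if iface in external:
        # External rule: valid unless the address is allowed at another interface.
        return not any(addr in net
                       for other, nets in allowed.items() if other != iface
                       for net in nets)
    # Internal rule: must belong to a network routed through this interface.
    return any(addr in net for net in allowed.get(iface, []))

def spoofed(packets, routes=ROUTES):
    """Return the (source, interface) pairs that fail the check."""
    allowed, external = build_tables(routes)
    return [(s, i) for s, i in packets
            if not source_is_valid(s, i, allowed, external)]

if __name__ == "__main__":
    # Constructed sample packets: (source IP, receiving interface).
    sample = [("192.168.1.20", "LAN"), ("172.16.5.9", "LAN"),
              ("203.0.113.7", "Internet"), ("10.10.3.4", "Internet")]
    for src, iface in spoofed(sample):
        print(f"anti-spoofing: drop source {src} received on {iface}")
```

Note that an internal address arriving on the external interface fails the check, as does a DMZ address arriving on the LAN interface, because each is allowed only at a different interface.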
This function defines a limit for the maximum number of connections which can be established from one local host (workstation) to the Internet. This feature can be set in the lower section of the Security Settings under Configuration → Advanced Options. If the sum of all connections from a single host to individual servers in the Internet reaches the set value, WinRoute blocks any further connections.
The connections count limit is especially useful when a local client host is attacked by a worm or Trojan horse which attempts to establish connections to a large number of various servers. The connections count limit protects the firewall (the WinRoute host) from flooding and can reduce undesirable activities by worms and Trojan horses.
Note: This feature does not limit the number of connections coming in from the Internet (such as access to mapped services). Limiting the number of connections to a service would increase the risk of a so-called DoS attack (overloading of a service by establishing a large number of concurrent connections).