Efficient Networks 5400 Series Select a protocol to filter, Specify Source Port Operator options

Page 40

SpeedStream Router User Guide

Step 3: Select a protocol to filter:

•In the Select by Name list box, select the protocol name. - or -

In the Select by Number text box, enter the protocol number.

Depending on the protocol you selected in Step 3, select the applicable rule options:

•If you selected TCP/UDP in Step 3, go to Step 4a.

•If you selected ICMP in Step 3, go to Step 4b.

•If you selected any other protocol in Step 3, go to Step 5.

Step 4a: If TCP/UDP chosen in Step 3, select the desired rule options:

1.Specify Source Port Operator options:

•Select the source port operator.

•Enter the first port number.

•If applicable, enter the second port number.

2.Specify Destination Port Operator options:

•Select the destination port operator.

•Enter the first port number.

•If applicable, enter the second port number.

•If applicable, select Apply rule only to TCP connections that are already established.

•If applicable, select Check syn packets for TCP connectors.

Step 4b. If ICMP chosen in Step 3, select the desired ICMP rule options.

•From the table, select one or multiple options; or click All Types to automatically select all options.

Step 5. Apply the rule definition, clear the form, or reset the form.

•To accept the settings, click Apply.

ADS (Attack Detection System)

The firewall Advanced Attack Detection System (ADS) contains various algorithms to detect and identify WAN attacks the moment they start and protect the LAN from such attacks. Though WAN access may be temporarily hindered, the LAN is protected from harmful traffic.

ADS typically looks for two types of packets: malformed packets and spoofed source address packets.

•Malformed packets have been purposefully constructed with errors in them. These are used to crash systems that don’t properly handle the errors. This type of attack usually happens against large sites rather than home users.

32

Image 40

Contents Router User Guide Software License General Provisions Contents Viewing Status Screens Iii List of Illustrations 51-57SpeedStream Router User Guide Introduction Hardware DescriptionFeatures and Benefits About the SpeedStream RouterFirewall Security General Safety GuidelinesSession Tracking Installing the Router Hardware InstallationBasic Installation Procedure Minimum System RequirementsRecording System Settings Installing Line FiltersIn-Line Filter Wall-Mount Filter Connecting the CablesTwo-to-One Adapter Ethernet Installation Method USB Installation Method Windows 95 / 98 / ME Configuring Computer Network SettingsTCP/IP Properties dialog box displays TCP/IP Properties dialog box, click the IP Address tab Windows NT Windows Double-clickNetwork and Dial-up ConnectionsWindows XP Getting Started Navigating the Web InterfaceLevel SnoozeIP Filter Rules Screen Navigation ElementsLog Logging On to the Web Interface To log on to the Web interface for the first timeEntering the Network Password Logging On to a PPP SessionAccess Concentrator Service NameCustomizing Router Settings To specify the host configuration settingsClick Save Settings HostDhcp Configuration Options To specify the Dhcp configuration settings User Setup System Login To change the user name or passwordTime Client Configuration Options To configure the Time ClientTime Client Static RoutesTo access the NAT/NAPT Configuration screen To disable NAT and NaptTo enable NAT and specify a destination IP address NAT/NAPT ServerTo enable Napt Port Forwarding Configuration OptionsPort Forwarding To edit an existing port forwarding configuration To delete an existing entryTo delete all entries in the table To add a port forwarding entryFirewall Firewall Security LevelsDMZ Configuration Options DMZ SettingsFirewall Snooze Control To enable DMZ and specify an accessible computer To disable DMZ On the Firewall DMZ Configuration screen, click Disable DMZCustom IP Filter Rules Cloning a Rule DefinitionFirewall Simple Setup screen Custom IP Filter ConfigurationCreating Custom IP Filter Rules Fill in the following informationSelect a protocol to filter If TCP/UDP chosen in , select the desired rule optionsSpecify Source Port Operator options Specify Destination Port Operator optionsBackground Types of AttackADS Configuration Options To enable ADS Select Enable Attack DetectionTo save the new settings To filter, or drop, a packet typeTo configure RFC2684 settings RFC2684 Configuration OptionsRFC2684 Bridge Mode UPnP Configuration OptionsTo configure UPnP settings UPnP Universal Plug and PlayTo enable bridge mode RIP Configuration OptionsRIP Routing Information Protocol LAN Servers To configure RIP settingsSystem Log System Log Configuration Options RebootTo configure the System Log Reset Firmware UpdateTo reset the router To update the router firmwareTo cancel the reset DiagnosticsClick Run Diagnostics at the bottom of the screen Viewing Status Screens System SummaryInterface Map Firewall LogTo display the Interface Map Interface Map Interface Map screen displaysTo update the display Status and Statistics ScreensATM/AAL Status/Statistics To display the System Log screenDSL Status/Statistics Ethernet Status/StatisticsUSB Status/Statistics RoutesBasic Troubleshooting Steps TroubleshootingInterpreting the LED Display Resolving Specific Issues Pwr LED Not LitContacting Technical Support Administrative User Setup Configuration Data SheetsAttack Detection System Firewall Custom IP Filter Configuration Firewall DMZ Firewall Level Firewall Snooze ControlPPP Login RIP Static RouteUPnP Technical Specifications Firewall Security Levels ProtocolNeed for Speed VNC Acronyms and Technical Concepts AcronymsRx Errors MAC addressOctet PPPoETechnical Concepts Dhcp Dynamic Host Configuration Protocol Icsa 3.0a-compliancy PPP Point-to-Point Protocol Index Data Sheets See Configuration Data Sheets PPP Network TCP