Siemens 6500 Series manual Attack Detection

Page 67

6500 Series Residential Gateway User’s Guide

Configuring Advanced Features

Attack Detection

If the Attack Detection System is enabled, the Gateway provides protection against the most common hacker attacks that attempt to access your computer/network from the Internet. Intrusion attempts can also be logged to provide a record of attempts and their source (when available).

To enable and configure the attack detection feature:

1.Select Attack Detection from the “Firewall Settings” window.

2.Click the Configure hyperlink next to Attack Detection option. This displays the “Attack Detection Configuration” window.

3.Select Enable Attack Detection.

4.Select Filter for each event in the list you want to filter or, if you want to filter all events, select Filter All. This provides maximum protection against malicious intrusion from outside your network.

5.Select Log for each event in the list you want to log or, if you want to log all events, select Log All.

6.Click Apply.

Below is a description of each event that can be monitored.

Same Source and Destination Address

An outside device can send a SYN (synchronize) packet to a host with the same source and destination address (including port) causing the system to hang. When the receiving host tries to respond to the source address in the packet, it ends up just sending it back to itself. This packet could ping-pong back and forth over 200 times (consuming CPU resources) before being discarded.

Broadcast Source Address

An outside device can send a ping to your Gateway broadcast address using a forged source address. When your system responds to these pings, it is brought down by echo replies.

LAN Source Address on LAN

An outside device can send a forged source address in an incoming IP packet to block trace back.

Invalid IP Packet Fragment

An outside device can send fragmented data packets that can bring down your system. IP packets can be fairly large in size. If a link between two hosts transporting a packet can only handle smaller packets, the large packet may be split (or fragmented) into smaller ones. When the packet fragments get to the destination host, they must be reassembled into the original large packet like pieces of a puzzle. A specially crafted invalid fragment can cause the host to crash

TCP NULL

An outside device can send an IP packet with the protocol field set to TCP but with an all null TCP header and data section. If your Gateway responds to this attack, it will bring down your system.

62

Page 66 Page 68
Image 67
Page 66 Page 68
Contents SpeedStream→ Residential Gateway User’s Guide Limitations Contents Series Residential Gateway User’s Guide Contents Introduction Features of the Residential GatewayNetwork LAN Features Security FeaturesAdvanced Gateway Functions Configuration & ManagementMinimum System Requirements Package ContentsFront Panel LEDs Physical DetailsRear Panel General Safety GuidelinesHardware Installation InstallationBasic Installation Procedure In-Line Filter Installing Line FiltersWall-Mount Filter Connect the DSL cable Connecting CablesConnect the power Connect the Ethernet cablesConnect the USB Cable USB Installation Method Microsoft WindowsInstall USB Driver Software USB Driver Installation Macintosh SystemsCheck TCP/IP Protocol Settings Operating System ConfigurationChecking TCP/IP Settings Windows 9x/ME Checking TCP/IP Settings Windows Checking TCP/IP Settings Windows XP Ethernet Adaptor en0,en1,… if connecting via USB Checking TCP/IP Settings MAC OS 8.6 throughChecking TCP/IP Settings MAC OSX For Windows XP Internet Access ConfigurationClick Setup. This starts the New Connection Wizard For Windows 9x/2000Before Configuring the Gateway SpeedStream Gateway SetupTo do this Refer to Using your Web Browser Connecting to the GatewayGateway Setup Wizard Page WEP 64-bits Disable SecurityWEP 128-bits Continue DisableEnable Surf NowOpen System Wireless Setup WEP 64-Bit OptionShared Key Wireless Setup WEP 128-Bit Option Tkip Wireless Setup WPA PSK OptionMenu Bar Home WindowLogging into the Gateway ToolbarLogging out of the Gateway Configuring Users Configuring Users and DevicesAdding a User Disable all Content Filtering Gamer AdministratorWeb Surfer Infinite Time Only allowed fromMinutes Page Editing a User Profile Click Delete User Deleting a UserViewing User Logs Configuring Devices Gateway Options discussed in this chapter Configuring Advanced FeaturesISP Connection Configure the ATM Virtual Circuit Advanced ISP SettingsATM Virtual Circuits Static Routes Dynamic DNS To set up Dynamic DNS on the GatewayRIP Routing Information Protocol LAN/WAN Port Home NetworkIP Network Server Ports LAN/WAN Port Select Enable to enable the Wireless Interface Wireless NetworkWPA PSK Wireless Setup WEP 64-Bit Option Advanced Home Network Wireless Setup WEP 128-Bit Option Advanced Home Network Wireless Setup WPA PSK Option Advanced Home Network Allow Wireless Filter and Options ConfigurationDeny RTS/CTS Threshold Data Transfer RateFragmentation Threshold Maximum Powerline Security ConfigurationMinimum StandardEnables powerline filtering Select Universal Plug and Play UPnP Universal Plug and PlayEnable Access Logging Disable UPnPEnable Discovery and Advertisement only Ssdp Enable full Internet Gateway Device IGD supportSecurity IP Filtering Firewall SettingsLevel Attack DetectionCustom Security LevelLow HighAttack Detection Fragmented Icmp Header Fragmented TCP PacketFragmented TCP Header Fragmented UDP HeaderIP Filtering This IP Address Any IP AddressAny IP Address TCP/UDP Options Window Icmp Options Window Clone IP Filter Rules Make Settings Last for Disable DMZEnable DMZ with this Host IP address Make Settings PermanentFirewall Snooze Control Disable SnoozeEnable Snooze, and set the Snooze time interval to Reset the Snooze time interval toClick Save Settings Administrator PasswordPort By-Pass Napt Address TranslationAddress Translation With NAT Address Translation With Napt − Domain Redirect selected protocol/service to this routerRedirect selected protocol/service to IP Address − TelnetGateway Health options discussed in this chapter Monitoring Gateway HealthSecurity Stats StatisticsInternet Stats Home Networking StatsATM Statistics Internet StatsDSL Statistics Ethernet Statistics Powerline StatisticsWireless Statistics Home Networking StatsFirewall Logging User AccessLogging System LoggingRemote Update FirmwareLocal Diagnostics Customize Miscellaneous Gateway OptionsCustomization options discussed in this chapter Color Palette Language Time Zone Select Yes for Enable Time ClientReboot Problem Cant connect to the Gateway to configure it TroubleshootingGeneral Issues Internet AccessInternet Contacting Technical SupportTelephone FaxSpecifications OAM F5 Routing Bridging AAL and ATM Support Power CertificationsSiemens Subscriber Network
Top Page Image Contents