Siemens 5450 manual Attack Detection

Page 52

5450 Four-Port Router User’s Guide

Configuring Advanced Features

Attack Detection

If the Attack Detection System is enabled, the router provides protection against the most common hacker attacks that attempt to access your computer/network from the Internet. Intrusion attempts can also be logged to provide a record of attempts and their source (when available).

To enable and configure the attack detection feature:

1.Select Attack Detection from the “Firewall Settings” window.

2.Click the Configure hyperlink next to Attack Detection option. This displays the “Attack Detection Configuration” window.

3.Select Enable Attack Detection.

4.Select Filter for each event in the list you want to filter or, if you want to filter all events, select Filter All. This provides maximum protection against malicious intrusion from outside your network.

5.Select Log for each event in the list you want to log or, if you want to log all events, select Log All.

6.Click Apply.

Below is a description of each event that can be monitored.

Same Source and Destination Address

An outside device can send a SYN (synchronize) packet to a host with the same source and destination address (including port) causing the system to hang. When the receiving host tries to respond to the source address in the packet, it ends up just sending it back to itself. This packet could ping-pong back and forth over 200 times (consuming CPU resources) before being discarded.

Broadcast Source Address

An outside device can send a ping to your router broadcast address using a forged source address. When your system responds to these pings, it is brought down by echo replies.

LAN Source Address on LAN

An outside device can send a forged source address in an incoming IP packet to block trace back.

Invalid IP Packet Fragment

An outside device can send fragmented data packets that can bring down your system. IP packets can be fairly large in size. If a link between two hosts transporting a packet can only handle smaller packets, the large packet may be split (or fragmented) into smaller ones. When the packet fragments get to the destination host, they must be reassembled into the original large packet like pieces of a puzzle. A specially crafted invalid fragment can cause the host to crash

TCP NULL

An outside device can send an IP packet with the protocol field set to TCP but with an all null TCP header and data section. If your router responds to this attack, it will bring down your system.

47

Page 51 Page 53
Image 52
Page 51 Page 53
Contents SpeedStream→ Residential Family User’s Guide Four-Port RouterFour-Port Router User’s Guide Limitations Contents Four-Port Router User’s Guide Contents Features of the 5450 Router Network LAN FeaturesSecurity Features IntroductionPackage Contents Minimum System RequirementsFront Panel LEDs Physical DetailsRear Panel Page General Safety Guidelines Hardware Installation InstallationBasic Installation Procedure Installing Line Filters In-Line FilterConnecting Cables to Ethernet Connect the Ethernet cablesOperating System Configuration Check TCP/IP Protocol SettingsChecking TCP/IP Settings Windows 9x/ME Checking TCP/IP Settings Windows Checking TCP/IP Settings Windows XP Checking TCP/IP Settings MAC OS 8.6 through Checking TCP/IP Settings MAC OSX Internet Access Configuration Click Setup. This starts the New Connection WizardFor Windows 9x/2000 For Windows XPBefore Configuring the Router SpeedStream Router SetupTo do this Refer to Connecting to the Router Using your Web BrowserRouter Setup Wizard Surf Now ContinueHome Window Menu BarLogging into the Router ToolbarLogging out of the Router Configuring Users Configuring Users and DevicesAdding a User Disable all Content Filtering Administrator GamerWeb Surfer Only allowed fromInfinite Time MinutesPage Editing a User Profile Deleting a User Click Delete UserViewing User Logs Configuring Devices Configuring Advanced Features Gateway Options discussed in this chapterISP Connection Advanced ISP Settings Configure the ATM Virtual CircuitATM Virtual Circuits Static Routes To set up Dynamic DNS on the router Dynamic DNSRIP Routing Information Protocol Home Network LAN/WAN Port UPnPIP Network Server Ports LAN/WAN Port UPnP Universal Plug and Play Select Universal Plug and PlayDisable UPnP Enable Discovery and Advertisement only SsdpEnable full Internet Gateway Device IGD support Enable Access LoggingSecurity Firewall Settings LevelAttack Detection IP FilteringSecurity Level LowHigh CustomAttack Detection Fragmented TCP Packet Fragmented TCP HeaderFragmented UDP Header Fragmented Icmp HeaderIP Filtering Any IP Address This IP AddressAny IP Address Any Less than or equal toEqual to Greater than or equal toIcmp Options Window Clone IP Filter Rules Disable DMZ Enable DMZ with this Host IP addressMake Settings Permanent Make Settings Last forDisable Snooze Enable Snooze, and set the Snooze time interval toReset the Snooze time interval to Firewall Snooze ControlAdministrator Password Click Save SettingsAddress Translation Port By-Pass NaptAddress Translation With NAT Address Translation With Napt Redirect selected protocol/service to this router Redirect selected protocol/service to IP Address− Telnet − DomainMonitoring Router Health Gateway Health options discussed in this chapterStatistics Internet StatsHome Networking Stats Security StatsInternet Stats ATM StatisticsEthernet Home Networking Stats Logging System LoggingRemote Update FirmwareLocal Diagnostics Miscellaneous Router Options CustomizeColor Palette Language Select Yes for Enable Time Client Time ZoneReboot Troubleshooting General IssuesInternet Access Problem Cant connect to the router to configure itContacting Technical Support TelephoneFax InternetSpecifications Routing Bridging AAL and ATM Support Power Certifications OAM F5Siemens Subscriber Network

5450 specifications

The Siemens 5450 is a state-of-the-art industrial automation platform designed to enhance manufacturing processes and improve operational efficiency. This advanced system integrates robust hardware and innovative software solutions, making it a vital tool for businesses looking to stay competitive in a rapidly evolving landscape.

One of the main features of the Siemens 5450 is its modular architecture, allowing for easy customization and scalability. This means organizations can tailor the system according to their specific needs, expanding capabilities as their operations grow. The system accommodates a variety of modules, including I/O, communication, and processing units, ensuring that it can support diverse applications across industries.

The Siemens 5450 is also equipped with the latest technologies in connectivity and communication. It supports industrial Ethernet, enabling seamless integration with existing network infrastructure, and facilitating real-time data exchange. This connectivity ensures that production processes are monitored and controlled efficiently, maximizing productivity while minimizing downtime.

Another significant characteristic of the Siemens 5450 is its sophisticated processing power. The platform is built on high-performance processors that provide rapid data processing capabilities. This performance is crucial for applications that require quick decision-making, such as quality control and machine management. Additionally, the system supports advanced algorithms for predictive maintenance, allowing businesses to anticipate equipment failures before they occur.

Security is a top priority for the Siemens 5450. The platform incorporates various security measures, including user authentication, data encryption, and secure communication protocols. These features protect sensitive information and maintain the integrity of the system, which is critical in today’s connected industrial environments.

Furthermore, the Siemens 5450 boasts an intuitive user interface that simplifies operation and monitoring. The graphical interface is designed for ease of use, allowing operators to navigate through processes and data effortlessly. This usability enhances training for new staff and reduces the potential for human error.

In conclusion, the Siemens 5450 is a comprehensive industrial automation platform that combines flexibility, advanced communication, and powerful processing capabilities. Its focus on security and user-centered design makes it an ideal choice for companies aiming to streamline operations and embrace the future of manufacturing technology.
Top Page Image Contents