D-Link DSL-500G manual Managing the Black List


DSL-500G ADSL Router User’s Guide

Follow these instructions to configure global firewall settings:

Configure any of the following settings that display in the Firewall Global Information table:

Black List Status: If you want the device to maintain and use a black list, click Enable. Click Disable if you do not want to maintain a list.

Black List Period(min): Specifies the number of minutes that a computer's IP address will remain on the black list (i.e., all traffic originating from that computer will be blocked from passing through any interface on the Router). For more information, see Managing the Black List below.

Attack Protection: Click the Enable radio button to use the built-in firewall protections that prevent the following common types of attacks:

IP Spoofing: Sending packets over the WAN interface using an internal LAN IP address as the source address.

Tear Drop: Sending packets that contain overlapping fragments.

Smurf and Fraggle: Sending packets that use the WAN or LAN IP broadcast address as the source address.

Land Attack: Sending packets that use the same address as the source and destination address.

Ping of Death: Illegal IP packet length.

DoS Protection: Click the Enable radio button to use the following denial of service protections:

SYN DoS

ICMP DoS

Per-host DoS protection

Max Half open TCP Connection: Sets the percentage of concurrent IP sessions that can be in the half-open state. In ordinary TCP communication, packets are in the half-open state only briefly as a connection is being initiated; the state changes to active when packets are being exchanged, or closed when the exchange is complete. TCP connections in the half-open state can use up the available IP sessions. If the percentage is exceeded, then the half-open sessions will be closed and replaced with new sessions as they are initiated.

Max ICMP Connection: Sets the percentage of concurrent IP sessions that can be used for ICMP messages. If the percentage is exceeded, then older ICMP IP sessions will be replaced by new sessions as they are initiated.

Max Single Host Connection: Sets the percentage of concurrent IP sessions that can originate from a single computer. This percentage should take into account the number of hosts on the LAN.

Log Destination: Specifies how attempted violations of the firewall settings will be tracked. Records of such events can be sent via Ethernet to be handled by a system utility (Trace) or can be e-mailed to specified administrators.

E-mail ID of Admin 1/2/3: Specifies the e-mail addresses of the administrators who should receive notices of any attempted firewall violations. Type the addresses in standard internet e-mail address format. The e-mail message will contain the time of the violation, the source address of the computer responsible for the violation, the destination IP address, the protocol being used, the source and destination ports, and the number of violations occurring in the previous 30 minutes. If the ICMP protocol is being used, then instead of the source and destination ports, the e-mail will report the ICMP code and type.

Click the Submit button to save the settings in temporary memory. When you are done making changes to the configuration settings, open the Commit & Reboot menu and click the Commit button to save your changes to permanent memory.

Managing the Black List

If data packets are received that violate the firewall settings or any of the IP Filter rules, then the source IP address of the offending packets can be blocked from such accesses for a specified period of time. You can enable or disable use of the black list using the settings described above. The source computer remains on the black list for the period of time that you specify.
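The following added example (not D-Link firmware code) models the Attack Protection checks as the guide defines them, together with the timed black list. The LAN subnet, the WAN broadcast address, the packet-summary fields and the `sample` helper are assumptions. Tear Drop is left out because detecting overlapping fragments needs reassembly state.

```python
import ipaddress

# Assumed addressing (hypothetical; the manual gives no values).
LAN_NET = ipaddress.ip_network("192.168.1.0/24")
WAN_BROADCAST = ipaddress.ip_address("203.0.113.255")
MAX_IP_LEN = 65535  # largest legal IPv4 datagram, in bytes


def classify(pkt):
    """Return the manual's attack name for a packet summary, or None."""
    src = ipaddress.ip_address(pkt["src"])
    dst = ipaddress.ip_address(pkt["dst"])
    if src == dst:
        return "Land Attack"
    if src in (LAN_NET.broadcast_address, WAN_BROADCAST):
        return "Smurf and Fraggle"
    if pkt["iface"] == "wan" and src in LAN_NET:
        return "IP Spoofing"
    # frag_offset (bytes) + this fragment's total length = reassembled size
    if pkt["frag_offset"] + pkt["length"] > MAX_IP_LEN:
        return "Ping of Death"
    return None


class BlackList:
    """Blocks a source IP for period_min minutes after a violation."""

    def __init__(self, period_min):
        self.period = period_min * 60
        self.expiry = {}  # source IP -> time (s) at which the block ends

    def handle(self, pkt, now):
        """Return 'blocked', the attack name, or 'pass' for one packet."""
        if self.expiry.get(pkt["src"], 0) > now:
            return "blocked"  # all traffic from a listed source is dropped
        self.expiry.pop(pkt["src"], None)  # entry has aged out
        attack = classify(pkt)
        if attack:
            self.expiry[pkt["src"]] = now + self.period
            return attack
        return "pass"


def sample(src, dst, iface, frag_offset=0, length=60):
    """Build a constructed packet summary (sample data, not a capture)."""
    return dict(src=src, dst=dst, iface=iface,
                frag_offset=frag_offset, length=length)
```

With a 10-minute period, a spoofed packet seen at time 0 keeps its source address blocked on every interface until the 600-second mark, after which ordinary traffic from that address passes again.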

To view the list of currently blacklisted computers, click the Black List button at the bottom of the Firewall Configuration page. The table displays the following information for each entry:
