NETGEAR CG814M manual What is a Firewall?, Stateful Packet Inspection, Denial of Service Attack

Page 81

Reference Manual for the Model CG814M Wireless Cable Modem Gateway

What is a Firewall?

A firewall is a device that protects one network from another, while allowing communication between the two. A firewall incorporates the functions of the NAT router, while adding features for dealing with a hacker intrusion or attack. Several known types of intrusion or attack can be recognized when they occur. When an incident is detected, the firewall can log details of the attempt, and can optionally send email to an administrator notifying them of the incident. Using information from the log, the administrator can take action with the ISP of the hacker. In some types of intrusions, the firewall can fend off the hacker by discarding all further packets from the hacker’s IP address for a period of time.

Stateful Packet Inspection

Unlike simple Internet sharing routers, a firewall uses a process called stateful packet inspection to ensure secure firewall filtering to protect your network from attacks and intrusions. Since user-level applications such as FTP and Web browsers can create complex patterns of network traffic, it is necessary for the firewall to analyze groups of network connection “states.” Using Stateful Packet Inspection, an incoming packet is intercepted at the network layer and then analyzed for state-related information associated with all network connections. A central cache within the firewall keeps track of the state information associated with all network connections. All traffic passing through the firewall is analyzed against the state of these connections in order to determine whether or not it will be allowed to pass through or rejected.

Denial of Service Attack

A hacker may be able to prevent your network from operating or communicating by launching a Denial of Service (DoS) attack. The method used for such an attack can be as simple as merely flooding your site with more requests than it can handle. A more sophisticated attack may attempt to exploit some weakness in the operating system used by your router or gateway. Some operating systems can be disrupted by simply sending a packet with incorrect length information.

Networks, Routing, and Firewall Basics

B-11

Image 81

Contents NETGEAR, Inc Trademarks World Wide Web Page Contents USB Appendix a Appendix C Contents Contents About This Manual AudienceTypographical Conventions Technical Support Special Message FormatsChapter Introduction Key FeaturesAbout the CG814M Gateway Built-in Cable ModemPowerful, True Firewall Content Filtering802.11b Standards-based Wireless Networking Configurable Auto Uplink Ethernet Connection USB PortProtocol Support Easy Installation and Management Firewall’s Front Panel What’s in the Box?LED Descriptions CG814M Gateway Rear Panel Gateway’s Rear PanelIntroduction What You Will Need Before You Begin Connecting the Gateway to the InternetLAN Hardware Requirements Computer RequirementsLAN Configuration Requirements Internet Configuration RequirementsWhere Do I Get the Internet Configuration Parameters? Connecting the Gateway to the Internet Record Your Internet Connection Information Connecting to Your Computer Connecting the CG814M GatewayUSB EthernetWireless Connecting to your Cable Service ProviderLog in to the Gateway Connecting the Power AdapterLogin window opens as shown in -3below Connect to the Internet Configuration Connecting the CG814M Gateway to the InternetConnecting the Gateway to the Internet Connecting the Gateway to the Internet Connecting the Gateway to the Internet Chapter Wireless Configuration Considerations For a Wireless NetworkSecurity Placement and Range Wireless SettingsRestricting Wireless Access by MAC Address Wireless SettingsConfiguring Wired Equivalent Privacy WEP Wireless Configuration Wireless Configuration Protecting Access to Your CG814M Gateway Changing the Built-In PasswordChapter Protecting Your Network Set Password menu Blocking Keywords, Sites, and ServicesBlock Keywords and Domains Click on the Block Sites link of the Content Filtering menu Proxy Blocking ServicesCookies Port BlockingPort Blocking menu Port ForwardingTo forward inbound traffic Considerations for Port Forwarding Port TriggeringTo configure Port Triggering Respond to Ping on Internet WAN Port Setting Up a Default DMZ HostProtecting Your Network Network Status Information Chapter Managing Your NetworkThis screen shows the following parameters Viewing Gateway StatusMenu 3.2 Router Status Fields Connection screen Connection StatusConfiguring LAN IP Settings LAN IP SetupCurrent System Time Use router as Dhcp server DhcpLogs menu Viewing and Emailing Logged InformationEnabling Logs Event E-mail Notification Erasing ConfigurationDiagnostics menu Running Diagnostic UtilitiesManaging Your Network Basic Functions Chapter TroubleshootingPower LED Not On Test LED Stays OnLocal Link LEDs Not On Cable Link LED Not On Troubleshooting the Web Configuration InterfaceTroubleshooting the ISP Connection Troubleshooting a TCP/IP Network Using a Ping UtilityTesting the LAN Path to Your Gateway Testing the Path from Your PC to a Remote Device Troubleshooting TCP/IP Appendix a Technical SpecificationsTechnical Specifications Related Publications Basic Router Concepts Appendix B Networks, Routing, and Firewall BasicsWhat is a Router? Routing Information ProtocolIP Addresses and the Internet Three Main Address Classes Equals NetmaskExample of Subnetting a Class B Address Subnet AddressingNetmask Notation Translation Table for One Octet Private IP Addresses Single IP Address Operation Using NAT Single IP Address Operation Using NATRelated Documents MAC Addresses and Address Resolution ProtocolIP Configuration by Dhcp Internet Security and FirewallsDomain Name Server What is a Firewall? Denial of Service AttackStateful Packet Inspection Wireless Network Configuration Wireless NetworkingAd-hoc Mode Peer-to-Peer Workgroup Infrastructure ModeAuthentication and WEP Encryption Extended Service Set Identification EssidTable B-1 802.11b Radio Frequency Channels Wireless Channel SelectionEthernet Cabling Uplink Switches and Crossover CablesCable Quality Preparing Your Computers for TCP/IP Networking Appendix C Preparing Your NetworkInstall or Verify Windows Networking Components Configuring Windows 95, 98, and ME for TCP/IP NetworkingPreparing Your Network Selecting Windows’ Internet Access Method Enabling Dhcp to Automatically Configure TCP/IP SettingsVerifying TCP/IP Properties Configuring Windows NT, 2000 or XP for IP NetworkingMacOS 8.6 or Configuring the Macintosh for TCP/IP NetworkingMacOS Verifying TCP/IP Properties for Macintosh Computers Verifying the Readiness of Your Internet Account What Is Your Configuration Information?Mail.xxx.yyy.com Preparing Your Network Restarting the Network Glossary Networks See Network Address Translation Connection