2Wire 3800HGV-B manual Allowing Inbound and Outbound Traffic, Disabling Attack Detection


Gateway User Interface

Strict UDP Session Control. Enabling this feature increases security by preventing the 2Wire gateway from accepting packets sent from an unknown source over an existing connection. Some applications, however, require the ability to send traffic based on destination only, so enabling this feature may prevent some online applications from working properly.
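The difference between the two modes can be shown with a small session-table model. This is an added illustration, not 2Wire firmware code; the class, the port-keyed table layout, and all addresses are assumptions constructed for the example.

```python
from typing import NamedTuple

class Endpoint(NamedTuple):
    ip: str
    port: int

class UdpSessionTable:
    """Toy model of a gateway's UDP session tracking (hypothetical layout)."""

    def __init__(self, strict):
        self.strict = strict
        # public-side port -> (LAN endpoint, set of remote endpoints contacted)
        self.sessions = {}

    def outbound(self, lan, public_port, remote):
        """Record an outbound datagram, creating or extending the session."""
        _, remotes = self.sessions.setdefault(public_port, (lan, set()))
        remotes.add(remote)

    def inbound(self, public_port, sender):
        """Return the LAN endpoint to forward to, or None to drop."""
        entry = self.sessions.get(public_port)
        if entry is None:
            return None              # no session on this port: dropped in both modes
        lan, remotes = entry
        if self.strict and sender not in remotes:
            return None              # existing session, unknown source: dropped
        return lan

def demo(strict):
    """Run three constructed inbound datagrams through the table."""
    table = UdpSessionTable(strict)
    lan = Endpoint("192.168.1.64", 40000)      # constructed LAN host
    server = Endpoint("203.0.113.10", 3478)    # host the LAN client contacted
    other = Endpoint("198.51.100.7", 5000)     # host the LAN client never contacted
    table.outbound(lan, 50000, server)
    return {
        "reply_from_server": table.inbound(50000, server) is not None,
        "packet_from_other": table.inbound(50000, other) is not None,
        "no_session": table.inbound(50001, server) is not None,
    }

if __name__ == "__main__":
    print("strict:  ", demo(True))
    print("relaxed: ", demo(False))
```

With strict control off, the datagram from the uncontacted host is forwarded because the session is matched on destination only; this is the behavior some applications depend on.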

Allowing Inbound and Outbound Traffic

The Inbound and Outbound Control pane displays some common protocol types. When one of the Inbound protocol boxes is checked, the firewall allows the corresponding protocol to pass through from the Internet to the network. If one of the Outbound protocol boxes is checked, the firewall allows the traffic from the network to pass through the firewall to the Internet.

Note: If you configure the firewall to block an Inbound protocol, you may disable support for hosted applications that require that type of protocol.

Disabling Attack Detection

By default, the 2Wire gateway firewall rules block the attack types listed in the Attack Detection pane. There are some applications and devices that require the use of specific data ports through the firewall. The gateway allows users to open the necessary ports through the firewall using the Firewall Settings page. If the user requires that a computer have all incoming traffic available to it, this computer can be set to the DMZplus mode. While in DMZplus mode, the computer is still protected against numerous broadband attacks (for example, SYN Flood or Invalid TCP flag attacks).

In rare cases, the incoming traffic may be inadvertently blocked by the firewall (for example, when integrating with external third-party firewalls or VPN servers). You may need to disable one or more of the attack detection capabilities for any device placed in the DMZplus. In this case, the third-party server provides the attack protection normally provided by the gateway.

The gateway firewall filters continuously check for the following attacks.

Excessive Session Detection. When enabled, the firewall will detect applications on the local network that are creating excessive sessions out to the Internet. This activity is likely due to a virus or “worm” infected computer (for example, Blaster Worm). When the event is detected, the gateway displays a HURL warning page.

TCP/UDP Port Scan. A port scan is a series of messages sent by someone attempting to break into a computer to learn which network services the computer provides, each service being associated with a well-known TCP or UDP port number. When enabled, the firewall detects UDP and TCP port scans and drops the packets.

Invalid Source/Destination IP address. When enabled, the firewall will verify IP addresses by checking for the following:

IP source address is broadcast or multicast — drop packet.

TCP destination IP address is not unicast — drop packet.

IP source and destination address are the same — drop packet.

Invalid IP source received from private/home network — drop packet.
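The four address checks above can be expressed as a single filter function. This is an added example, not the gateway's own code; the home subnet, the interface labels, and the reading of the fourth rule (a LAN-side packet must carry a source inside the home subnet) are assumptions.

```python
import ipaddress

# Assumptions for this sketch: the home subnet and the "lan"/"wan" labels.
LAN = ipaddress.ip_network("192.168.1.0/24")
LIMITED_BROADCAST = ipaddress.ip_address("255.255.255.255")

def is_broadcast_or_multicast(addr):
    """True for multicast, limited broadcast, or the LAN's directed broadcast."""
    return (addr.is_multicast or addr == LIMITED_BROADCAST
            or addr == LAN.broadcast_address)

def drop_reason(src, dst, proto, iface):
    """Return the first rule a packet violates, or None if it passes all four."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if is_broadcast_or_multicast(s):
        return "source is broadcast or multicast"
    if proto == "tcp" and is_broadcast_or_multicast(d):
        return "TCP destination is not unicast"
    if s == d:
        return "source and destination are the same"
    # Assumed reading of the fourth rule: traffic arriving on the LAN side
    # must come from the home subnet. 0.0.0.0 is exempted so that DHCP
    # discovery is not caught (also an assumption).
    if iface == "lan" and not s.is_unspecified and s not in LAN:
        return "invalid source from home network"
    return None

# Constructed sample packets: (source, destination, protocol, arrival interface)
SAMPLES = [
    ("224.0.0.5", "192.168.1.10", "udp", "wan"),
    ("203.0.113.5", "192.168.1.255", "tcp", "wan"),
    ("203.0.113.5", "192.168.1.255", "udp", "wan"),
    ("192.168.1.10", "192.168.1.10", "tcp", "lan"),
    ("10.9.9.9", "203.0.113.5", "tcp", "lan"),
    ("192.168.1.10", "203.0.113.5", "tcp", "lan"),
]

if __name__ == "__main__":
    for pkt in SAMPLES:
        print(pkt, "->", drop_reason(*pkt) or "pass")
```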
