D-Link DSL-G624T, D-Link Wireless ADSL Router manual Firewall Configuration Menu

Page 68

DSL-G624T Wireless A DSL Router User’s Guide

Firewall

The Firewall Configuration menu allows the Router to enforce specific predefined policies intended to protect against certain common types of attacks. There are two general types of protection (DoS, Port Scan) that can be enabled on the Router, as well as filtering for specific packet types sometimes used by hackers.

You can choose to Enable or Disable protection against a customized basket of attack and scan types. To enable DoS Protection or Port Scan Protection, select the Enable radio button for the protection type and click in the selection boxes for the various types of protection listed under each.

 

 

 

 

Service Filtering may

 

 

 

 

 

interfere with other

 

 

 

 

 

configurations such as

 

 

 

 

 

DHCP Relay or

 

Note

 

 

 

Remote Management

 

 

 

 

 

 

 

 

 

 

via Telnet.

 

 

 

 

 

 

 

Firewall Configuration Menu

When DoS, Port Scan, or Service Filtering Protection is enabled, it will create a firewall policy to protect your network against the following:

Dos Protection

Port Scan Protection

Service Filtering

 

 

 

SYN Flood check

FIN/URG/PSH attack

Ping from External Network

ICMP Redirection check

Xmas Tree Scan

Telnet from External Network

 

Null Scan attack

FTP from External Network

 

SYN/RST attack

DNS from External Network

 

SYN/FIN Scan

 

 

 

 

A DoS "denial-of-service" attack is characterized by an explicit attempt by attackers to prevent legitimate users of a service from using that service. Examples include: attempts to "flood" a network, thereby preventing legitimate network traffic, attempts to disrupt connections between two machines, thereby preventing access to a service, attempts to prevent a particular individual from accessing a service, or, attempts to disrupt service to a specific system or person.

Port scan protection is designed to block attempts to discover vulnerable ports or services that might be exploited in an attack from the WAN.

The Service Filtering options allow you to block FTP, Telnet response, Pings, etc, from the external network. Check the category you want to block to enable filtering of that type of packet.

When you have selected the desired Firewall policies, click the Apply button to enforce the policies. Remember to save any configuration changes.

60

Page 67 Page 69
Image 68
Page 67 Page 69
Contents
DSL-G624T Page Table Of Contents Tools Installation Overview Setup WizardBefore You Start About This User’s GuideInstallation Requirements Packing ListPassword WAN SettingAdditional Software UsernameLAN IP addresses for DSL-G624TLAN Subnet Mask for Ethernet NIC802.11g Wireless Router FeaturesIntroduction Router Description and OperationDSL-G624T Wireless a DSL Router User’s Guide Standards Compatibility and Compliance Front Panel Display Power insert Rear Panel ConnectionsWireless LAN Basics Wireless SecurityRadio Transmission RangeAbout 802.11g Wireless Hardware Installation Choosing the Best Location for Wireless OperationPower on Router Factory Reset ButtonWired Network Connections Connect Adsl LineHub or Switch to Router Connection Computer to Router ConnectionDSL-G624T Wireless a DSL Router User’s Guide Basic Router Configuration Configuration SummaryConfiguring IP Settings on Your Computer Configure Windows XP for DhcpDSL-G624T Wireless a DSL Router User’s Guide Configure Windows 2000 for Dhcp Configure Windows 95 and Windows 98 for DhcpWindows Windows 95 and WindowsConfigure Windows ME for Dhcp Configure Windows NT 4.0 for DhcpWindows ME Windows NT 4.0 WorkstationsEnter Password Access the Configuration ManagerLogin to Home Configure the Router Web Manager First Time Log OnUsing the Setup Wizard Using the Setup Wizard Choose Time Zone Using the Setup Wizard Choose Connection Type Using the Setup Wizard For PPPoE/PPPoA connections Using the Setup Wizard For Dynamic IP Address connections Using the Setup Wizard For Static IP Address connections Using the Setup Wizard For Bridge Mode connections Using the Setup Wizard Finish and Restart Home Wireless LAN SetupWireless Settings menu Configure Basic Wireless Settings Wireless SecuritySecurity Options for Wireless Configure WEP Wireless SecuritySetup Encryption Keys WEP EncryptionConfigure WPA Settings Configure WPA Security for WlanConfigure WPA-PSK Security for Wlan Configure WAN Connection WAN Settings Menu PPPoE / PPPoAPPPoE and PPPoA Connection for WAN Default Route PPPoE/PPPoA Parameters DescriptionUser Name FirewallWAN Settings for Dynamic IP Address Connection Dynamic IP Address Connection for WANDynamic IP Parameters Description Cloned MAC AddressWAN Settings Menu Bridge Mode Bridged Connection for WANWAN Settings Static IP Static IP Address for Connection WANStatic IP Parameters Description IP AddressSubnet Mask Gateway AddressATM Settings for WAN connection PPPoE/PPPoA menu Service CategoryATM Traffic Shaping ATM QoS Parameters DescriptionATM VC Settings ATM VC Settings in WAN connection menuATM VC Parameters Description Virtual CircuitLAN IP Settings Configure LAN IP settingsUse the Router for Dhcp Dhcp Server Settings for the LANConfigure Dhcp Server settings for the LAN Static IP Settings for the LAN Disable the Dhcp ServerDhcp Settings menu with Dhcp disabled Static IP Assignment for LANDNS Server Settings Configure DNS SettingsDynamic DNS Configuration Dynamic DNSSave Settings and Reboot Save and Reboot menuAdvanced Router Management Enable UPnP Menu UPnPVirtual Server Virtual Server Menu and ListRule Management window Parameter DescriptionRule Name Private IPLAN Clients LAN Clients windowSnmp Snmp Management windowSource IP Filters Configuration MenuFilters Destination IP Source Port Destination Port ActionBridge Filters Bridge Filters windowRouting Routing TableDMZ IP address configuration DMZFirewall Configuration Menu FirewallRIP Dynamic Routing RIP menuPPP Connection settings menu PPPAdsl Modulation Configuration AdslATM Virtual Circuit configuration menu ATM VCCQoS Configuration screen QoSWireless Management Configure Wireless Access ControlConfigure Multiple Ssid Wireless ManagementWireless Performance Wireless LAN Performance settingsSystem Tools administrative functions ToolsChange System Password Remote Web Management and Telnet AccessAdministrator Settings change password menu Remote Web And Telnet Access windowTime & Date Configuration TimeRemote Log Settings window Remote LogSystem Restore Factory Default SettingsSave System Settings and Restore Defaults Firmware Upgrade FirmwareMiscellaneous Configuration menu Ping Test MiscellaneousDiagnostics Test Menu TestStatus Information Device Information Display Device Information displayDhcp Clients Dhcp Clients windowLog View Log windowTraffic Adsl Status information Technical Specifications Wireless Modulation Wireless Data RatesMedia Access Protocol Wireless CertificationIP Address Setup Using the Default IP AddressIP Setup Example #1 Assigning Network IP AddressesChanging the IP Address of the Router Using DhcpIP Setup Example #2 IP Concepts IP AddressesSubnet Mask 255.0.0.0 255.255.0.0 255.255.255.0Micro filters Micro filter InstallationMicro Filters and Splitters Split Line Filter
Top Page Image Contents