2Wire None instruction

Firewall Tab

The following table lists the attacks for which the gateway firewall filters continuously check.

Attack	Description and Action Taken
Excessive Session Detection	When enabled, the firewall will detect applications on the
	local network that are creating excessive sessions out to
	the Internet. This activity is likely due to a virus or “worm”
	infected computer (for example, Blaster Worm). When the
	event is detected, the gateway displays a HURL warning
	page.
TCP/UDP Port Scan	A port scan is a series of messages sent by someone
	attempting to break into a computer to learn which
	computer network services, each associated with a well-
	known port number (such as UDP and TCP), the computer
	provides. When enabled, the firewall detects UDP and TCP
	port scans, and drops the packet.
Invalid Source/Destination IP	When enabled, the firewall will verify IP addresses by
address	checking for the following:
	IP source address is broadcast or multicast — drop
	packet.
	TCP destination IP address is not unicast — drop packet.
	IP source and destination address are the same — drop
	packet.
	Invalid IP source received from private/home network —
	drop packet.
Packet Flood (SYN/UDP/ICMP/	When enabled, the firewall will check for SYN, UDP, ICMP,
Other)	and other types of packet floods on the local and Internet
	facing interfaces and stop the flood.
Invalid TCP Flag Attacks (NULL/	When enabled, the firewall will scan inbound and
XMAS/Other)	outbound packets for invalid TCP Flag settings, and drop
	the packet to prevent SYN/FIN, NULL, and XMAS attacks.
Invalid ICMP Detection	The firewall checks for invalid ICMP/code types, and drops
	the packet.
Miscellaneous	The firewall checks for the following:
	Unknown IP protocol — drop packet.
	Port 0 attack detected — drop packet.
	TCP SYN packet — drop packet.
	Not a start session packet — drop packet.
	ICMP destination unreachable — terminate session.

To disable attack detection for a specific port:

•Open a Web browser and access the 2Wire gateway user interface by entering http://gateway.2wire.net.

•Click the Firewall tab.

56

Image 61

2Wire None manual

Contents

2Wire Gateway User Guide Page Contents Page Contents Networking Technology Overview Introduction Viewing Your System Summary System Tab System Area of the Network at a Glance Panel Network at a Glance Panel Broadband Link Area of the Network at a Glance Panel Web Remote Access Enabling Enhanced Services Edit System Password Setting a System Password Reset System Password Resetting the System Password Changing Your Time Zone Settings View System Details Viewing System Details Connection Status Viewing Your Broadband Link Summary Connection Information Connection Speed View Broadband Link Details Connection DetailsPage Broadband Link Tab MTU Monitor Internet Connection Using Broadband DiagnosticsTest Connection Speed Viewing Statistics Broadband Link Diagnostics View Broadband Link Statistics Page Using Advanced Settings Broadband Link Advanced Settings Modifying DSL and ATM Settings Modifying the Hardware Address Modifying Broadband Connection SettingsEnabling Hostname Override Modifying the Broadband DNS Modifying the Broadband IP Understanding the Local Devices Panel Viewing Your Home Network Summary USB Understanding the Status at a Glance Panel Monitoring Your Wireless Settings Configure the Wireless Network Customizing Security Settings Configuring Additional Settings Configuring MAC Filtering Setting up a Private Network Configuring Advanced Settings Advanced Home Network Settings Setting Up a Public Routed Subinterface Showing a Device as Inactive Setting Up a Public Proxied Subnet VoIP Network Tab Configuring the VoIP PhonesPage Page Page Page Firewall Tab Firewall Features View Firewall Summary Viewing Your Firewall Summary View Firewall Details Hosting an Application Edit Firewall Settings Adding an Application Profile Updating the Application Profile List Edit Application Page Select a Hosted Application Allowing all Applications DMZplus Click Allow all applications DMZplus mode Viewing the Firewall Log View Firewall Log Edit Advanced Firewall Settings Configuring the Firewall Advanced Enabling Advanced Security Stealth ModePage Block Ping Strict UDP Session Control Disabling Attack Detection Allowing Inbound and Outbound TrafficPage Edit Advanced Firewall Settings Using the MDC Accessing the MDCPage System Summary Troubleshooting PagesBroadband Link Pages Local Network Pages Remote Management Feature MDC System Summary System Summary Management and Diagnostic Console MDC Broadband Link Summary Broadband Link Summary Dslam Maximum size of the packets sent from a computer to MDC Broadband Link Statistics Broadband Link Statistics ATM MDC Broadband Link Detailed DSL Statistics Broadband Link Detailed DSL Statistics DSL Management and Diagnostic Console MDC Broadband Link Configuration Broadband Link Configuration Modifying Internet Connection and Authentication Settings Modifying Hardware Address Modifying Internet Address SettingsModifying DNS Information MDC Local Network Status Local Network Status Specifies whether a USB device is present Active on MDC Local Network Statistics Local Network Statistics USB MDC Local Network Device List Local Network Device List MDC Local Network Wireless Settings Local Network Wireless Settings Additional Settings Private Network Settings Local Network Configuration Public Proxied Subnet Settings Public Routed Subinterface SettingsDisplay Settings Enable Router Behind Router Alert MDC Firewall Settings Firewall Settings Creating an Application Profile Hosting an Application MDC Firewall Edit Application Allowing all applications Pinholes Firewall Detailed InformationNAT Sessions MDC Firewall Advanced Settings Firewall Advanced Settings Controlling Inbound and Outbound Traffic Enabling Security FeaturesEnabling Full Logging Voice Server Summary MDC Voice Configure Server Voice Configure ServerPage Page Page MDC Troubleshooting DSL Diagnostics Troubleshooting DSL Diagnostics Analyzing General Information Reviewing Training History INP Vxco Reviewing Bitloading MDC Troubleshooting Event Log Troubleshooting Event Log 102 MDC Troubleshooting Network Tests Troubleshooting Network Tests 104 MDC Troubleshooting Upgrade History Troubleshooting Upgrade History MDC Troubleshooting Resets Troubleshooting Resets 107 MDC Advanced Syslog Settings Advanced Syslog Settings MDC Advanced Provisioning Information 109 Advanced Provisioning Info 110 MDC Advanced Configure Time Services Advanced Configure Time Services 112 Routing Advanced Configure Services Properties 115 Enabling Broadband Status Notification Changing Timeout ParametersEnabling Missing DSL Filter Notification Enabling SIP Application Layer Gateway 117 MDC Advanced Static Routes Advanced Static Routes 119 MDC Advanced DNS Name Table Advanced DNS Resolve MDC Advanced Traffic Shaping Advanced Traffic Shaping MDC Advanced Link Manager States Advanced Link Manager States 123 124 MDC Advanced Detailed Log 125 Advanced Detailed Log Http ALG 127 SIP Glossary 130 131 132 133 Regulatory Information