Manually Configuring your Modem-Router

Network attacks that deny access to a network device are called DoS attacks.

DoS attacks are aimed at devices and networks with a connection to the Internet. Their goal is not to steal information, but to disable a device or network so users no longer have access to network

resources.

The Modem-Router protects against DoS attacks including: Ping of Death (Ping flood) attack, SYN flood attack, IP fragment attack (Teardrop Attack), Brute-force attack, Land Attack, IP Spoofing attack, IP with zero length, TCP null scan (Port Scan Attack), UDP port loopback, Snork Attack.

Note: The firewall does not significantly affect system performance, so we advise enabling the prevention features to protect your network.

Parameter

Defaults

Description

Enable SPI

Yes

The Intrusion Detection feature of the

and Anti-

 

VoIP Modem-Router limits the access

DoS firewall

 

of incoming traffic at the WAN port.

protection

 

When the Stateful Packet Inspection

 

 

(SPI) feature is turned on, all incoming

 

 

packets are blocked except those

 

 

types marked with a check in the

 

 

Stateful Packet Inspection section at

 

 

the top of the screen.

Manually Configuring your Modem-Router

Stateful Packet

This option allows you to select

Inspection

different application types that are

 

using dynamic port numbers. If you

 

wish to use Stateful Packet Inspection

 

(SPI) for blocking packets, click on the

 

Yes radio button in the “Enable SPI and

 

Anti-DoS firewall protection” field and

 

then check the inspection type that you

 

need, such as Packet Fragmentation,

 

TCP Connection, UDP Session, FTP

 

Service, H.323 Service, and TFTP

 

Service. It is called a “Stateful” packet

 

inspection because it examines the

 

contents of the packet to determine

 

the state of the communication; i.e.,

 

it ensures that the stated destination

 

computer has previously requested the

 

current communication. This is a way

 

of ensuring that all communications are

 

initiated by the recipient computer and

 

are taking place only with sources that

 

are known and trusted from previous

 

interactions. In addition to being more

 

rigorous in their inspection of packets,

 

stateful inspection firewalls also

 

close off ports until a connection to

 

the specific port is requested. When

 

particular types of traffic are checked,

 

only the particular type of traffic

 

initiated from the internal LAN will be

 

allowed. For example, if the user only

 

checks FTP Service in the Stateful

 

Packet Inspection section, all incoming

 

traffic will be blocked except for FTP

 

connections initiated from the local

 

LAN.

Discard Ping

Prevents a ping on the Modem-

from WAN

Router’s WAN port from being routed

Discard

to the network.

1

2

3

4

5

7

section

6

 

38

39

Page 20 Page 22
Page 21
Image 21
Belkin F5D5630AU user manual Parameter Defaults Description, Lan
Page 20 Page 22
Top Page Image Contents