Manually Configuring your Modem
Network attacks that deny access to a network device are called DoS attacks.
DoS attacks are aimed at devices and networks with a connection to the Internet. Their goal is not to steal information, but to disable a device or network so users no longer have access to network resources.
The Modem protects against DoS attacks including: Ping of Death (Ping flood) attack, SYN flood attack, IP fragment attack (Teardrop Attack),
Note: The firewall does not significantly affect system performance, so we advise enabling the prevention features to protect your network.
Parameter | Defaults | Description |
|
|
|
Enable SPI | Yes | The Intrusion Detection feature of |
and Anti- |
| the VoIP Modem limits the access |
DoS firewall |
| of incoming traffic at the WAN port. |
protection |
| When the Stateful Packet Inspection |
|
| (SPI) feature is turned on, all incoming |
|
| packets are blocked except those |
|
| types marked with a check in the |
|
| Stateful Packet Inspection section at |
|
| the top of the screen. |
|
|
|
Manually Configuring your Modem
Stateful Packet |
| This option allows you to select |
Inspection |
| different application types that are |
|
| using dynamic port numbers. If you |
|
| wish to use Stateful Packet Inspection |
|
| (SPI) for blocking packets, click on the |
|
| Yes radio button in the “Enable SPI and |
|
| |
|
| then check the inspection type that you |
|
| need, such as Packet Fragmentation, |
|
| TCP Connection, UDP Session, FTP |
|
| Service, H.323 Service, and TFTP |
|
| Service. It is called a “Stateful” packet |
|
| inspection because it examines the |
|
| contents of the packet to determine |
|
| the state of the communication; i.e., |
|
| it ensures that the stated destination |
|
| computer has previously requested the |
|
| current communication. This is a way |
|
| of ensuring that all communications are |
|
| initiated by the recipient computer and |
|
| are taking place only with sources that |
|
| are known and trusted from previous |
|
| interactions. In addition to being more |
|
| rigorous in their inspection of packets, |
|
| stateful inspection firewalls also |
|
| close off ports until a connection to |
|
| the specific port is requested. When |
|
| particular types of traffic are checked, |
|
| only the particular type of traffic |
|
| initiated from the internal LAN will be |
|
| allowed. For example, if the user only |
|
| checks FTP Service in the Stateful |
|
| Packet Inspection section, all incoming |
|
| traffic will be blocked except for FTP |
|
| connections initiated from the local |
|
| LAN. |
|
|
|
Discard Ping |
| Prevents a ping on the Modem’s WAN |
from WAN |
| port from being routed to the network. |
Discard |
|
|
|
|
|
1
2
3
4
5
6
7
section
42 | 43 |
