Manuals / Billion Electric Company / Computer Equipment / Network Router

Billion Electric Company 400G manual Intrusion Detection, Block Duration

Models: 400G

1 88

Download 88 pages 60.78 Kb

Page 58

Billion 400G Router

Intrusion Detection

The router’s Intrusion Detection System (IDS) is used to detect hacker attacks and intrusion attempts from the Internet. If the IDS function of the firewall is enabled, inbound packets are filtered and blocked depending on whether they are detected as possible hacker attacks, intrusion attempts or other connections that the router determines to be suspicious.

Blacklist: If the router detects a possible attack, the source IP or destination IP address will be added to the Blacklist. Any further attempts using this IP address will be blocked for the time period specified as the Block Duration. The default setting for this function is false (disabled). Some attack types are denied immediately without using the Blacklist function, such as Land attack and Echo/CharGen scan.

Intrusion Detection: If enabled, IDS will block Smurf attack attempts. Default is false.

Block Duration:

Victim Protection Block Duration: This is the duration for blocking Smurf attacks. Default value is 600 seconds.

Scan Attack Block Duration: This is the duration for blocking hosts that attempt a possible Scan attack. Scan attack types include X’mas scan, IMAP SYN/FIN scan and similar attempts. Default value is 86400 seconds.

DoS Attack Block Duration: This is the duration for blocking hosts that attempt a possible Denial of Service (DoS) attack. Possible DoS attacks this attempts to block include Ascend Kill and WinNuke. Default value is 1800 seconds.

55

Chapter 4: Configuration

Image 58

Billion Electric Company 400G manual Intrusion Detection, Block Duration

Contents

Page Table of Contents Table of Contents Features Introduction to your RouterVirtual Server port forwarding Dynamic Host Configuration Protocol Dhcp Client and ServerFirmware Upgradeable Rich Packet FilteringImportant note for using this router Package ContentsFront LEDs Power LAN Port 1XWireless Mail InternetRear Ports 1X 4X RJ-45 connectorAntenna Cabling Basic Installation Connecting Your Router Double-clickLocal Area Connection. See Figure Select Internet Protocol TCP/IP and click Properties. SeeConfiguring PCs in Windows Configuring PC in Windows 95/98/ME Then select the DNS Configuration tab. See FigureGo to Start / Settings / Control Panel. In the Control Panel Select TCP/IP Protocol and click Properties. See FigureFactory Default Settings Information from your ISP PPPoAConfiguring with your Web Browser 14 User name & Password Prompt WindowQuick Start Configuration StatusAdsl Status StatusARP Table Leased Table Dhcp TableRouting Table Routing TableUPnP Portmap NAT SessionsEmail Status Diagnostic Error LogEvent Log Quick Start Billion 400G Router Billion 400G Router LAN Local Area Network ConfigurationBridge Interface IP Alias EthernetPrimary IP Address Ethernet Client Filter Ethernet Client Filter Default setting is set Disable→ Active PC in LAN Wireless ParametersWireless Distribution System WDS Wireless Security WPA-PSK / WPA2-PSK / WEPWEP Wireless Client Filter Default setting is set to Disable Wireless Client / MAC Address FilterAssociated Wireless Clients Port Setting WPSDhcp Server WAN Profile WAN Wide Area NetworkConnection PPPoA Connection Billion 400G Router MPoA Connection IPoA Routed Connection Pure Bridge All PPPoEAdsl Mode System Time ZoneRemote Access Firmware UpgradeBackup / Restore Restart Router User ManagementBillion 400G Router Firewall and Access Control This with caution when connecting over the WAN General SettingsChanged Packet Filter Example Predefined Port Filters Rules Packet Filter Add TCP/UDP Filter Packet Filter Add Raw IP Filter Billion 400G Router Configuring Packet Filter Example Intrusion Detection Block DurationBillion 400G Router Type of Block Drop Packet Duration Intrusion Name Detect Parameter BlacklistShow Log URL Filter Billion 400G Router Peer to Peer Blocking The default is set to Disabled Instant Message Blocking The default is set to DisabledIM / P2P Blocking Prioritization QoS Quality of ServiceFirewall Log HighWireless Adsl Router Standard Dscp Dscp Mapping TableOutbound IP Throttling LAN to WAN Inbound IP Throttling WAN to LAN Connection Diagram Information and SettingsMission-critical application Restricted Application Billion 400G Router Virtual Server known as Port Forwarding Add Virtual ServerBillion 400G Router Add Click it to apply your settings ExampleGo to ConfigurationVirtual ServerEdit DMZ Host Edit DMZ HostEdit One-to-One NAT Network Address Translation Go to ConfigurationVirtual ServerEdit One-to-one NATGlobal IP Address Well-known and registered Ports Port NumberProtocol Description Time Schedule Edit a Time Slot Configuration of Time ScheduleDelete a Time Slot Advanced Go to Configuration/Advanced/Static RouteStatic Route Dynamic DNS Dynamic DNSCheck Email Check EmailDevice Management Snmp V1 Universal Plug and Play UPnPFrom RFC 1213 MIB-II From RFC 1471 PPP/LCP MIB From RFC1650 EtherLike-MIBFrom RFC 1493 Bridge MIB From RFC 1472 PPP/Security MIBLogout DisableVlan Bridge Problems with the WAN Interface Problems starting up the routerProblems with the LAN Interface Contact Telkom Adsl support Contact SizweBroadband for Router Support