Billion Electric Company 7402NX specification

Billion BiPAC 7402NX(L) 802.11n 3G/ADSL2+ (VPN) Firewall Router

Table 2: Hacker attack types recognized by the IDS

Intrusion Name

Ascend Kill

WinNuke

Smurf

Land attack

Echo/CharGen Scan

Echo Scan

CharGen Scan

X’mas Tree Scan

IMAP

SYN/FIN Scan

SYN/FIN/RST/ACK Scan

Net Bus Scan

Back Orifice Scan

SYN Flood

ICMP Flood

ICMP Echo

Detect Parameter Blacklist

Ascend Kill data				Src IP

TCP
Port 135, 137~139,				Src IP
Flag: URG

ICMP type 8				Dst IP
Des IP is broadcast				Dst IP

SrcIP = DstIP

UDP Echo Port and
CharGen Port

UDP	Dst	Port	=	Src IP
Echo(7)
UDP	Dst	Port	=	Src IP
CharGen(19)
TCP Flag: X’mas				Src IP

TCP Flag: SYN/FIN

DstPort: IMAP(143) Src IP

SrcPort: 0 or 65535

TCP,

No Existing session

And Scan Hosts Src IP more than five.

TCP

No Existing session DstPort = Net Bus SrcIP

12345,12346, 3456

UDP, DstPort =SrcIP Orifice Port (31337)

Max TCP Open Handshaking Count (Default 100 c/sec)

Max ICMP Count (Default 100 c/sec)

Max PING Count (Default 15 c/sec)

Type of Block Drop Packet Duration

	DoS	Yes

	DoS	Yes

	Victim	Yes
	Protection	Yes
	Protection

		Yes

		Yes

	Scan	Yes

	Scan	Yes

	Scan	Yes

	Scan	Yes

	Scan	Yes

	Scan	Yes

	Scan	Yes

Show Log

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Src IP: Source IP	Src Port: Source Port
Dst Port: Destination Port	Dst IP: Destination IP

66

Chapter 4: Configuration

Image 67

Billion Electric Company 7402NX user manual Hacker attack types recognized by the IDS

Contents

BiPAC 7402NXL Table of Contents Appendix a Product Support and Contact Information Introduction to your Router Features Virtual Server port forwarding Dynamic Host Configuration Protocol Dhcp Client and ServerNetwork Address Translation NAT Soho Firewall Security with DoS and SPI Rich Management Interfaces Firmware UpgradeableSimple Network Management Protocol Snmp Web based GUI Package Contents Important note for using this router Meaning Power LAN PortWireless Front LEDs Meaning Rear PortsConsole Port Antenna Cabling Basic Installation Connecting Your Router Double-clickLocal Area Connection. See Figure Configuring PCs in Windows in Window XP Configuring PCs in Windows Then select the DNS Configuration tab. See Figure Configuring PC in Windows 95/98/ME 13 IP Address Configuring PC in Windows NT4.0 Factory Default Settings PPPoERFC2516 PPPoARFC2684 MPoARFC1483/RF IPoARFC1577 Information from your ISP 14 User name & Password Prompt Window Configuring with your Web Browser Status Quick Start Configuration Adsl Status Status3G Status Dhcp Table ARP Table Routing Table Routing TableRIP Routing Table UPnP Portmap NAT SessionsPptp Status L2TP Status IPSec Status Email Status Error LogEvent Log Quick Start Diagnostic Billion BiPAC 7402NXL 802.11n 3G/ADSL2+ VPN Firewall Router Enable LAN Local Area Network Configuration Primary IP Address Ethernet IP Alias → Active PC in LAN Ethernet Client Filter Default setting is set DisableEthernet Client Filter Wireless Wireless Distribution System WDS Wireless Security Wireless Router only WEP Wireless Client Filter Default setting is set to Disable Wireless Client / MAC Address FilterAssociated Wireless Clients WPS Port Setting Dhcp Server WAN Interface WAN Connection-ADSL ModeWAN Wide Area Network Detect Rule Rule 1. Adsl Down Rule 2. Ping Fail Cycle. The host must be an IP address WAN Connection-3G Mode WAN Profile Protocol The ATM protocol will be used in the deviceConnection PPPoA Connection Billion BiPAC 7402NXL 802.11n 3G/ADSL2+ VPN Firewall Router MPoA Connection IPoA Routed Connection All Pppoe Pure Bridge Adsl Mode System Firmware Upgrade Remote Access Backup / Restore Restart Router User Management Firewall and Access Control Billion BiPAC 7402NXL 802.11n 3G/ADSL2+ VPN Firewall Router Billion BiPAC 7402NXL 802.11n 3G/ADSL2+ VPN Firewall Router Packet Filter Predefined Port Filter Example Predefined Port Filters Rules Packet Filter Add TCP/UDP Filter Go to Type drop-down menu, select Use Protocol Number Billion BiPAC 7402NXL 802.11n 3G/ADSL2+ VPN Firewall Router Billion BiPAC 7402NXL 802.11n 3G/ADSL2+ VPN Firewall Router Configuration Example Block Duration Intrusion Detection Billion BiPAC 7402NXL 802.11n 3G/ADSL2+ VPN Firewall Router Hacker attack types recognized by the IDS Always On URL Filter Billion BiPAC 7402NXL 802.11n 3G/ADSL2+ VPN Firewall Router Peer to Peer Blocking The default is set to Disabled Instant Message Blocking The default is set to DisabledIM / P2P Blocking Firewall Log VPN Virtual Private Networks BiPAC 7402NX only Connection Type Remote Access or LAN to LANPptp Point-to-Point Tunneling Protocol Billion BiPAC 7402NXL 802.11n 3G/ADSL2+ VPN Firewall Router Dial-out Description Function Pptp Connection LAN to LAN Example Configuring a Pptp LAN-to-LAN VPN Connection Description Function Function IPSec IP Security Protocol Local ID IPSec VPN Connection Configuration Ping to the IP Action Ping for Keep Alive Network Configuration and Security Plan MD5 3DES Function Description 69.121.1.3 Example Configuring a IPSec Host-to-LAN VPN Connection Function Description L2TP Layer Two Tunneling Protocol L2TP Connection Remote Access Billion BiPAC 7402NXL 802.11n 3G/ADSL2+ VPN Firewall Router Billion BiPAC 7402NXL 802.11n 3G/ADSL2+ VPN Firewall Router Dial-in MD5 Dial-out Description L2TP VPN Connection Example Configuring your Router to Dial-in to the Server Billion BiPAC 7402NXL 802.11n 3G/ADSL2+ VPN Firewall Router Example Configuring L2TP LAN-to-LAN VPN Connection Function Perfect Forward Secrecy None Pre-shared Key 12345678 High QoS Quality of Service100 Prioritization 101 Wireless Adsl Router Standard DscpDscp Mapping Table Dscp Mapping Table Outbound IP Throttling LAN to WAN 102 Inbound IP Throttling WAN to LAN 103 Information and Settings Connection Diagram104 Throughput 105 106 Mission-critical applicationVoice application Restricted Application 107 Advanced setting by using IP throttling 108 109 Virtual Server known as Port Forwarding Add Virtual Server 110 111 Add Click it to apply your settings 112 Go to Configuration Virtual Server Edit DMZ HostEdit DMZ Host Global IP Address Go to Configuration Virtual Server Edit One-to-one NAT113 Edit One-to-One NAT Network Address Translation 114 Protocol Well-known and registered Ports115 Port Number 116 Time Schedule Delete a Time Slot Configuration of Time Schedule117 Edit a Time Slot Advanced Go to Configuration/Advanced/Static Route118 Dynamic DNS 119Dynamic DNS Check Email 120Check Email Device Management 121 Snmp V1 122From RFC 1213 MIB-II 123 Vlan Bridge 124 125 Logout 126 Problems starting up the routerProblems with the WAN Interface Problems with the LAN Interface Contact Billion 127