Manuals / Efficient Networks / Computer Equipment / Network Router

Efficient Networks 5100 Series manual Firewall Log, ADS Attack Detection System

Models: 5100 Series

1 129

Download 129 pages 36.15 Kb

Page 83

SpeedStream Router User Guide

Firewall Log

When the Attack Detection System (ADS) is enabled, various checks are performed, according to the criteria you designate. For example:

1.If an attack is detected, that information can be displayed in the Firewall Log.

2.Any denials of access by the firewall can be logged with a reason code and a description string.

3.Syslog-formatted messages can be sent to another node on the LAN.

The Firewall Log contains a maximum of 200 entries; each entry may contain a maximum of 200 characters.

To display the Firewall Log window

•From the main menu, click Advanced Setup, then click Firewall, and then click Log. The Firewall Log window displays.

ADS (Attack Detection System)

The firewall Advanced Attack Detection System (ADS) contains various algorithms to detect and identify WAN attacks the moment they start and protect the LAN from such attacks. Though WAN access may be temporarily hindered, the LAN is protected from harmful traffic.

ADS typically looks for two types of packets: malformed packets and spoofed source address packets.

•Malformed packets have been purposefully constructed with errors in them. These are used to crash systems that do not properly handle the errors. This type of attack usually happens against large sites rather than home users.

73

Image 83

Efficient Networks 5100 Series manual ADS Attack Detection System, To display the Firewall Log window

Contents

Router User Guide Software License General Provisions Contents Ustomizing R Outer S Ettings Iii Dhcp Iewing S Tatus and S Tatistics Ppendix a C Onfiguration D ATA S Heets 100 About the SpeedStream Router Features and BenefitsIntroduction Firewall Security Hardware Description General Safety GuidelinesMinimum System Requirements Installing the RouterHardware Installation Basic Installation ProcedureIn-Line Filter Recording System SettingsInstalling Line Filters Two-to-One Adapter Connecting the CablesWall-Mount Filter Ethernet Installation Method USB Installation Method TCP/IP Properties dialog box displays Configuring Computer Network SettingsWindows 95 / 98 / ME TCP/IP Properties dialog box, click the IP Address tab Microsoft TCP/IP Properties dialog box displays Windows NTDouble-clickNetwork and Dial-up Connections WindowsWindows XP Logging On/Off the Web Interface Accessing the Web Management InterfaceAdministrative User Setup window displays Getting StartedDo not require admin login Entering the Network PasswordRequire admin login to access entire Web site Require admin login to access configuration pagesLogging In with UPnP Logging In after first timeSpeedStream Router icon To log in using UPnPNavigating the Web Interface Logging OffLog LevelSnooze IP Filter RulesWindow Navigation PPP Point-to-Point Protocol Customizing Router SettingsPPP Configuration Options Open the Profile Wizard Change PPP SettingsUser Profiles Force all users to be identified before surfing Enable ProfilingDelete a User Profile Add a New User ProfileEdit an Existing URL Name or Tag Select Content FilteringDeny all access to URLs containing the following Enter a New URL Name or TagDelete a URL Name or Tag Select Security AccessAssign Permissions Change User Information Change a User ProfileEnter Constant IP Address FinishClick Add Entry Edit an Existing URL Name or Tag Enter or Change the Constant IP Address Navigation WAN InterfaceSelect the Default WAN Interface Access the WAN Interface Configuration WizardEnable a WAN Connection Disable a WAN ConnectionTable Navigation Step-by-Step ProceduresConfigure ATM Settings Add a New Virtual Connection VCSelect WAN Protocol Specify Connection Name Configure RFC-2684 Bridged ProtocolUse PPPoE Configure RFC-2684 Bridged/IP ProtocolFinish Enter IP InformationSelect Interface Options On the Interface Options window, select the desired options Configure RFC-2684 Routed ProtocolEnable concurrent NAT and Napt Configure PPPoE Protocol Dial-up Only Configure PPPoE / Client OnlyUse Idle Timeout Configure PPPoE / Bridge Only On the Interface Options window, select the desired options Configure PPPoE / 2684B Connection NAT/NAPT Dial-up Only Error is resolved. This is like an always on WAN connection Interface PPPoE with Bridge window displays Configure PPPoE / PPPoE Bridge ProtocolVersion Dial-up Only Use Universal Plug-n-Play Enter User Information Configure PPPoA ProtocolEnter Static IP Address Select PPP OptionsVersions 1 IP Address Restrictions Specify the Host Configuration SettingsHost Dhcp Configuration Options Configure Dhcp Time Client Admin User System LoginChange the User Name or Password Add a Static Route Time Client Configuration OptionsConfigure the Time Client Static RoutesNAT/NAPT Configuration Options Access the NAT/NAPT Configuration WindowEnable Concurrent NAT/NAPT Disable Both NAT and NaptEnable NAT Only and Specify a Destination IP Address Enable Napt OnlySet Map a New Public IP AddressEdit/Delete an Existing Mapping Delete All Port Forwarding Configuration OptionsPort Forwarding DeleteDelete All Entries in the Table Edit an Existing Port Forwarding ConfigurationDelete an Existing Entry Add a Port Forwarding EntryNetwork Connections view FirewallManage Network Address Port Mappings through UPnP Network Neighborhood folderSelect the Firewall Security Level Firewall Simple Setup & Control window displaysFirewall Security Levels Firewall Snooze Control DMZ SettingsFirewall DMZ Configuration window displays Disable DMZEnable DMZ On the Firewall DMZ Configuration window, click Disable DMZCustom IP Filter Rules SpeedStream Router User Guide Define the source and destination Clone a Rule DefinitionCreate Custom IP Filter Rules Fill in the following informationIf Icmp chosen in , select the desired Icmp rule options Select a protocol to filterSpecify Destination Port Operator options To display the Firewall Log window Firewall LogADS Attack Detection System Types of Attack BackgroundADS Configuration Options Enable ADS UPnP Universal Plug and Play UPnP Configuration OptionsRIP Routing Information Protocol Bridge ModeConfigure UPnP Settings Enable Bridge ModeInterface RIP Configuration OptionsConfigure RIP Settings Server PortsDynamic DNS Dynamic DNS Configuration OptionsEnter the Service Username, Service Password, and Host Names Configure Dynamic DNSSystem Summary Viewing Status and StatisticsDisplay the System Log System Log Configuration OptionsUpdate the Display System LogATM/AAL Status/Statistics window displays ATM/AAL Status/StatisticsDSL Status/Statistics Select the Capture LevelEthernet Status/Statistics window displays Ethernet Status/StatisticsUSB Status/Statistics RoutesClick Run Diagnostics at the bottom of the window Using System ToolsDiagnostics To display the Interface Map RebootReset Interface MapUpdate the Router Firmware Firmware UpdateSpeedStream Router User Guide Steady blink TroubleshootingBasic Troubleshooting Steps Interpreting the LED DisplayLEDs Not Lit Resolving Specific IssuesLogin Password Error Post Failure red pwr LED Contacting Technical SupportAttack Detection System Configuration Data SheetsAdministrative User Setup Firewall Custom IP Filter ConfigurationSpeedStream Router User Guide Firewall Level Firewall DMZNAT/NAPT HostPort Forwarding PPP LoginSystem Log Static RouteUPnP Time ClientTechnical Specifications Protocol Firewall Security Levels102 103 Acronyms Acronyms and Technical ConceptsRx Cells Rx ErrorsMAC address OctetTechnical Concepts Dhcp Dynamic Host Configuration Protocol Icsa 3.0a-compliancy PPP Point-to-Point Protocol Protocol Selection window Step-by-Step Virtual WAN ConfigurationVC Wizard Finish Configuration proceduresSpeedStream Router User Guide 5e. If you selected the PPPoA protocol Dhcp ADS Index115 116 117 118 Efficient Networks