Efficient Networks 5200 Series, 5400 Series, 5500 Series ADS

SpeedStream Router User Guide

32

Step 3: Select a protocol to filter:

• In the Select by Name list box, select the protocol name.

- or -

In the Select by Number text box, enter

the protocol number.

Depending on the protocol you selected in Step 3, select the applicable rule options:

• If you selected TCP/UDP in Step 3, go to Step 4a.

• If you selected ICMP in Step 3, go to Step 4b.

• If you selected any other protocol in Step 3, go to Step 5.

Step 4a: If TCP/UDP chosen in Step 3, select the desired rule options:

1. Specify Source Port Operator options:

• Select the source port operator.

• Enter the first port number.

• If applicable, enter the second port number.

2. Specify Destination Port Operator options:

• Select the destination port operator.

• Enter the first port number.

• If applicable, enter the second port number.

• If applicable, select Apply rule only to TCP connections that are already established.

• If applicable, select Check syn packets for TCP connectors.

Step 4b. If ICMP chosen in Step 3, select the desired ICMP rule options.

• From the table, select one or multiple options; or click All Types to automatically select all options.

Step 5. Apply the rule definition, clear the form, or reset the form.

• To accept the settings, click Apply.

ADS (Attack Detection System)

The firewall Advanced Attack Detection System (ADS) contains various algorithms to detect and identify

WAN attacks the moment they start and protect the LAN from such attacks. Though WAN access may be

temporarily hindered, the LAN is protected from harmful traffic.

ADS typically looks for two types of packets: malformed packets and spoofed source address packets.

• Malformed packets have been purposefully constructed with errors in them. These are used to crash

systems that don’t properly handle the errors. This type of attack usually happens against large sites

rather than home users.

Contents

Main Efficient Networks, Inc. End User Software License and Limited Warranty Page Contents Page Page List of Illustrations Page Introduction Hardware Description About the SpeedStream Router Features and Benefits Firewall Security Session Tracking General Safety Guidelines Installing the Router Minimum System Requirements Ethernet Port Connectivity (5100, 5200, 5400, 5500 series) USB Port Connectivity (5200, 5500 series) Hardware Installation Installing Line Filters In-Line Filter Wall-Mount Filter Two-to-One Adapter Connecting the Cables Ethernet Installation Method USB Installation Method Configuring Computer Network Settings Windows 95 / 98 / ME Page Windows NT 4.0 Windows 2000 Windows XP Getting Started Navigating the Web Interface Screen Navigation Elements Logging On to the Web Interface Entering the Network Password Logging On to a PPP Session Page Customizing Router Settings Host DHCP IP Address Restrictions Secondary Relay IP addresses. DHCP Configuration Options Page User Setup (System Login) Time Client Time Client Configuration Options Static Routes NAT/NAPT Server Port Forwarding Port Forwarding Configuration Options Page Firewall Firewall Security Levels Firewall Snooze Control DMZ Settings DMZ Configuration Options Page Custom IP Filter Rules Cloning a Rule Definition Creating Custom IP Filter Rules Depending on the protocol you selected in Step 3, select the applicable rule options: ADS Background Types of Attack ADS Configuration Options Page RFC2684 RFC2684 Configuration Options UPnP (Universal Plug and Play) UPnP Configuration Options Bridge Mode RIP (Routing Information Protocol) RIP Configuration Options LAN Servers System Log System Log Configuration Options Reboot Reset Firmware Update Diagnostics Viewing Status Screens System Summary Interface Map Firewall Log System Log Status and Statistics Screens ATM/AAL Status/Statistics Page USB Status/Statistics Routes Troubleshooting Basic Troubleshooting Steps Interpreting the LED Display Resolving Specific Issues Contacting Technical Support SpeedStream Router User Guide 51 Appendix A: Configuration Data Sheets Administrative User Setup Attack Detection System DHCP Firewall Custom IP Filter Configuration Firewall - DMZ Firewall Level Firewall Snooze Control Host LAN IP NAT/NAPT Port Forwarding PPP Login RIP Static Route Page Appendix B: Technical Specifications Appendix C: Firewall Security Levels Page Page Appendix D: Acronyms and Technical Concepts Acronyms Page Technical Concepts Page Page Page Index A B C Port Forwarding..................................................... 25 D E F G H I K L N O P R S T U V W Z