Link: Stateful Inspection
All computer operating systems are vulnerable to attack from outside sources, typically at the operating system or Internet Protocol (IP) layers. Stateful Inspection firewalls intercept and analyze incoming data packets to determine whether they should be admitted to your private LAN, based on multiple criteria, or blocked. Stateful inspection improves security by tracking data packets over a period of time, examining incoming and outgoing packets. Out- going packets that request specific types of incoming packets are tracked; only those incoming packets constituting a proper response are allowed through the firewall.
Stateful inspection is a security feature that prevents unsolicited inbound access when NAT is disabled. You can configure UDP and TCP
Stateful Inspection Firewall installation procedure
☛NOTE:
Installing Stateful Inspection Firewall is mandatory to comply with Required Services Security Policy - Residential Category module - Version 4.0 (specified by ICSA Labs)
For more information please go to the following URL: http://www.icsalabs.com/html/communities/firewalls/certification/ criteria/Residential.pdf.
1.Access the router through the web interface from the private LAN.
DHCP server is enabled on the LAN by default.
2.The Gateway’s Stateful Inspection feature must be enabled in order to prevent TCP, UDP and ICMP packets destined for the router or the private hosts.
This can be done by navigating to Expert Mode