Security 8-69

Src. Port: The source port to match. This is the port on the sending host that originated the packet.

D. Port: The destination port to match. This is the port on the receiving host for which the packet is intended.

On?: Displays Yes when the filter is in effect or No when it is not.

Fwd: Shows whether the filter forwards (Yes) a packet or discards (No) it when there’s a match.

Filtering example #1

Returning to our filtering rule example from above (see page 8-67), look at how a rule is translated into an IP filter. Start with the rule, then fill in the filter’s attributes:

1.The rule you want to implement as a filter is:

Block all Telnet attempts that originate from the remote host 199.211.211.17.

2.The host 199.211.211.17 is the source of the Telnet packets you want to block, while the destination address is any IP address.

The Source IP Address Mask and Destination IP Address Mask fields indicate how many bits in the corresponding address the filter rule applies to.

How these IP addresses are masked determines what the final match will be, although the mask is not displayed in the table that displays the filter sets (you set it when you create the filter). In fact, since the mask for the destination IP address is 0.0.0.0, the address for Dest IP Addr could have been anything. The mask for Source IP Addr must be 255.255.255.255 since an exact match is desired.

Source IP Addr = 199.211.211.17

Source IP address mask = 255.255.255.255

Dest IP Addr = 0.0.0.0

Destination IP address mask = 0.0.0.0

3.Using the tables on page 8-67, find the destination port and protocol numbers (the Telnet port):

Proto = TCP (or 6)

D. Port = 23

4.The filter should be enabled and instructed to block the Telnet packets containing the source address shown in step 2:

On? = Yes

Fwd = No

This four-step process is how we produced the following filter from the original rule:

+-#---

Source IP Addr---

Dest IP Addr-----

Proto-Src.Port-D.Port--

On?-Fwd-+

+----------------------------------------------------------------------

 

 

 

+

1

192.211.211.17

0.0.0.0

ANY --

--

Yes No

 

 

 

 

+----------------------------------------------------------------------

 

 

 

+

 

 

 

 

 

 

Page 68 Page 70
Page 69
Image 69
Netopia D7100 SDSL, D7171 SDSL, D3100-I IDSL, D3232 IDSL manual Filtering example #1
Page 68 Page 70

D7100 SDSL, D3232 IDSL, D3100-I IDSL, D7171 SDSL specifications

Netopia offers a range of advanced digital subscriber line (DSL) modems that cater to various connectivity needs. Among these, the D7171 SDSL, D3100-I IDSL, D3232 IDSL, and D7100 SDSL models stand out for their robust features and technologies designed to enhance the user experience.

The Netopia D7171 SDSL modem is engineered for symmetrical digital subscriber line (SDSL) services, delivering equal upload and download speeds. It supports high-speed data transfers over standard copper lines, enabling businesses to maintain consistent performance for applications such as video conferencing and large file transfers. Key features of the D7171 include enhanced security protocols, a built-in firewall to protect against unauthorized access, and multiple interface options for flexible connectivity.

Moving to the D3100-I IDSL, this model caters to users who require a reliable internet connection over a longer distance than traditional DSL can provide. The IDSL technology enables it to function effectively in areas where standard DSL is unavailable or unreliable. It provides a lower bandwidth solution yet is valuable in reaching remote locations. This modem is particularly recognized for its ease of installation and robust performance, featuring built-in diagnostics that help troubleshoot potential connection issues.

In the same family, the D3232 IDSL offers similar advantages but with a focus on higher capacity and scalability. It is designed for small to medium enterprises that require greater bandwidth for multiple users or devices. This modem also supports both voice and data transmission, making it an attractive option for unified communications. The D3232 comes equipped with advanced networking features, including Quality of Service (QoS) capabilities to prioritize bandwidth for critical applications.

Lastly, the D7100 SDSL modem is distinguished by its versatility and high-performance output. Supporting SDSL standards, it is perfect for businesses that need reliable, symmetrical speeds. This model is characterized by its extensive range of connectivity options, including Ethernet ports and support for various network protocols, ensuring seamless integration into existing network infrastructures. Additionally, it boasts excellent reliability, making it a favored choice for mission-critical applications.

In summary, Netopia's DSL modems, including the D7171 SDSL, D3100-I IDSL, D3232 IDSL, and D7100 SDSL, provide scalable and reliable internet connectivity solutions tailored to meet diverse business needs. With cutting-edge technology and a suite of features designed for performance, these models are well-suited to enhance productivity and support modern communications.
Top Page Image Contents