Intrusion Detection Feature | Sagem 1500WG guide

4 - Configuring the SAGEM F@st™ 1500 ADSL router

4.8.5Intrusion Detection

1)Intrusion Detection Feature

Stateful Packet Inspection (SPI) and Anti-DoS firewall protection (Default: Enabled) - The Intrusion Detection Feature of the SAGEM F@st™ 1500 ADSL Router limits access for incoming traffic at the WAN port. When the SPI feature is turned on, all incoming packets will be blocked except for those types marked in the Stateful Packet Inspection section.

RIP Defect (Default: Enabled) - If an RIP request packet is not acknowledged to by the router, it will stay in the input queue and not be released. Accumulated packets could cause the input queue to fill, causing severe problems for all protocols. Enabling this feature prevents the packets from accumulating.

Discard Ping to WAN (Default: Disabled) - Prevent a ping on the ADSL Router’s WAN port from being routed to the network.

2) Stateful Packet Inspection

This is called a “stateful” packet inspection because it examines the contents of the packet to determine the state of the communications; i.e., it ensures that the stated destination computer has previously requested the current communication. This is a way of ensuring that all communications are initiated by the recipient computer and are taking place only with sources that are known and trusted from previous interactions. In addition to being more rigorous in their inspection of packets, stateful inspection firewalls also close off ports until connection to the specific port is requested.

SAGEM F@st™ 1500 Reference Manual - 288053220-04 Reproduction and communication prohibited without the written permission of E Page 4-43

Image 89

Sagem 1500WG manual Intrusion Detection Feature, Stateful Packet Inspection

Contents

288 053 Reference ManualPage Contents Configuring the Sagem F@st 1500 Adsl router Appendix D Technical specifications Appendix a Troubleshooting Appendix B Safety warningsAppendix E Default configuration Appendix C Cables Front Panel List of figures Introduction Wireless and Wired LAN Features and BenefitsInternet Access About the Sagem F@stTM 1500WG Adsl Router Virtual Server Shared IP AddressDMZ Host Support Security Composition of the supply Prerequisites Introduction Description and Physical installation Hardware Description Description and physical installation Status Description Front panel Power ResetRear panel Ports / Button Description Power supply source Physical Installation Installation instructionsMaintenance Environment Desktop Installation Connect the Adsl Line Settings and Connecting ISP settingsInstall the Sagem F@stTM 1500 Adsl Router Installing a Full-Rate Connection Phone Line Configuration Installing without a splitter Installing a Splitterless Connection Connect the Power Adapter Attach to Your Network Using Ethernet Cabling Powering up the Sagem F@st 1500 Adsl router Description and physical installation Configuring Client Computer IP Address 192.168.2.1 Subnet Mask 255.255.255.0 TCP/IP ConfigurationMac Millennium Edition is similar, but not identical, to Windows Configuring your Windows computer On Windows 98 / Me TCP/IP Configuration Setting Internet Explorer Disable Http Proxy Configuring Client Computer Obtain IP Settings from Sagem F@stTM 1500 Adsl Router On Windows NT On the Windows desktop, click Start/Settings/Control Panel Configuring Client Computer TCP/IP Configuration Setting Configuring Client Computer On Windows Disable Http Proxy Obtain IP Settings from Sagem F@stTM 1500 Adsl Router Configuring Client Computer On Windows XP Disable Http Proxy Obtain IP Settings from Sagem F@st1500 Adsl Router Configuring Client Computer Configuring your Mac computer Disable Http Proxy Configuring Client Computer Configuring the Sagem F@st 1500 Adsl router Sagem F@st Configuring the Sagem F@st 1500 Adsl router Sagem F@st 1500WG Navigating the Management Interface Setup Wizard Advanced Setup Making Configuration Changes Status Description LAN / WirelessAdditional Information PPP Setting Setup Wizard menu Channel and Ssid Wireless ModeParameter Description Essid Broadcast Parameter Description 3 WEP Access Control System Time Settings Password Settings You will be asked to confirm your decision Configuration toolsChoose a function and click Next Reset Firmware Upgrade WAN menu Bridging ATM PVC CBR Clone MAC LAN Parameter Description IP Address Pool Start IP VlanEnd IP Domain Name Add Vlan Edit Enter those addresses on this page, and click Apply 2 DNS Wireless Channel Wireless ModeSsid Broadcast Access Control Security 4 WEP 5 WPA Configuring the Sagem F@st 1500 Adsl router Re-Authentication Authentication Session Idle timeoutRe-Type Password Parameter Description 802.1X NAT Address Mapping Virtual Server Special Application NAT Mapping Table Firewall Access Control Configuring the Sagem F@st 1500 Adsl router MAC Filter URL Blocking Click Add Schedule Rule Schedule Rule Stateful Packet Inspection Intrusion Detection FeatureIntrusion Detection Configuring the Sagem F@st 1500 Adsl router Connection Policy DoS Criteria and Port Scan Criteria 6 DMZ Static Route Route 2 RIP Parameter Description General RIP Parameters Operation ModeTable of current Interface RIP parameter Version Parameter Description Flags Routing TableNetmask Interface 10 QoS Parameter Description Enable or disable QoS module functionDiffserv Forwarding Groups Please complete the Minimum Bandwith Allocation Traffic Mapping Parameter Description Traffic statistics Adsl Advanced Monitoring Index Fast Path CRC Error Parameter Operation Mode DescriptionInterleaved Path CRC Error Loss of Signal Defect Remote Management Snmp Snmp Setting Snmp Trap UPnP Ddns Windows 98/ME Finding the MAC address of a Network CardWindows NT4/2000/XP Macintosh Configuring the Sagem F@st 1500 Adsl router Appendix a Troubleshooting Symptom Action LED Indicators Troubleshooting ChartNetwork Connection Problems Management Problems Symptom Action LED Indicators Wireless Problems Appendix a Troubleshooting Appendix B Safety warnings Safety levels on the mains adapter unit Safety warningsSafety levels on the Sagem F@st 1500 unit LAN Ports Radio specific to Sagem F@st 1500WG SafetyCE declaration of conformity Appendix B Safety warnings Appendix C Cables Wiring Conventions SpecificationsEthernet cable 3 RJ-45 Port Connection Crossover Wiring Straight-Through WiringPin Assignments General Cable Type Connector Cable Types and SpecificationsAdsl Cable Line Standard Telephone cable RJ11 Pin Signal Name Wire Color Figure C.2 RJ-11 Connector Pin Numbers Appendix C Cables Appendix D Technical specifications Electrical Characteristics Mechanical Characteristics DisplaysAdsl Features Input Power ATM Features Soft Component FeaturesManagement Features Security Features Radio Features Modulation Rate-Output Power dBm RF Output Power Modulation Rate-Output Power dBmOperating Channels Ieee 802.11b compliant Operating Channels Ieee 802.11g compliant Modulation Rate-Receiver Sensitivity Typical dBm Environmental characteristics Internet Standards Appendix E Default configuration Default language for Http User Interface Default user name and password for Http accessDefault configuration on the local area network side LAN characteristics Function Mode State/Value Default configuration for advanced functions Default configuration on the wide area network sideWAN characteristics Function Mode State/Value Advanced functions Function Mode State/Value Appendix E Default configuration Page ENetworks Division