C2-010 / C2-010-I ADSL2+ Router User’s Guide
5-8
5.6 Firewall This Router comes equipped with a firewall. The Firewall configuration screen allows the Router to enforce
specific predefined policies intended to protect against certain common types of attacks. To configure the Router’s
firewall, click the Advanced tab at the top of the screen and then the Firewall tab to the left.
Figure 5-7. Firewall Configuration Menu
When DoS, Port Scan, or Service Filtering Protection is enabled, it will create a firewall policy to protect your
network against the following:
Dos Protection Port Scan Protection Service Filtering
SYN Flood check
ICMP Redirection
check
Nmap/FIN attack
URG/PSH attack
Xmas Tree Scan
Null Scan attack
SYN/RST attack
SYN/FIN Scan
Ping from WAN
Telnet from WAN
FTP from WAN
DNS from WAN
IKE from WAN
RIP from WAN
DHCP from WAN
A DoS "denial-of-service" attack is characterized by an explicit attempt by attackers to prevent legitimate
users of a service from using that service. Examples include: attempts to "flood" a network, thereby
preventing legitimate network traffic, attempts to disrupt connections between two machines, thereby
preventing access to a service, attempts to prevent a particular individual from accessing a service, or,
attempts to disrupt service to a specific system or person.
Port scan protection is designed to block attempts to discover vulnerable ports or services that might be
exploited in an attack from the WAN.