Manuals / SMC Networks / Computer Equipment / Network Router

SMC Networks SMC7908VoWBRA manual 4-59, DoS Criteria and Port Scan Criteria

Models: SMC7908VoWBRA

1 137

Download 137 pages 45.48 Kb

Page 93

•DoS Criteria and Port Scan Criteria

ADVANCED SETUP

•DoS Criteria and Port Scan Criteria

Set up DoS and port scan criteria in the spaces provided (as shown below).

Parameter	Defaults	Description

Total incomplete	300	Defines the rate of new unestablished sessions
TCP/UDP sessions	sessions	that will cause the software to start deleting
HIGH		half-open sessions.
Total incomplete	250	Defines the rate of new unestablished sessions
TCP/UDP sessions	sessions	that will cause the software to stop deleting half-
LOW		open sessions.
Incomplete	250	Maximum number of allowed incomplete
TCP/UDP sessions	sessions	TCP/UDP sessions per minute.
(per min) HIGH
Incomplete	200	Minimum number of allowed incomplete
TCP/UDP sessions	sessions	TCP/UDP sessions per minute.
(per min) LOW
Maximum incomplete	10	Maximum number of incomplete TCP/UDP
TCP/UDP sessions		sessions from the same host.
number from same
host

Incomplete	300
TCP/UDP sessions	msec
detect sensitive time
period
Maximum half-open	30
fragmentation packet
number from same
host
Half-open	10000
fragmentation detect	msec
sensitive time period
Flooding cracker	300
block time	second

Length of time before an incomplete TCP/UDP session is detected as incomplete.

Maximum number of half-open fragmentation packets from the same host.

Length of time before a half-open fragmentation session is detected as half-open.

Length of time from detecting a flood attack to blocking the attack.

Note: The firewall does not significantly affect system performance, so we advise enabling the prevention features to protect your network.

4-59

Image 93

SMC Networks SMC7908VoWBRA 4-59, DoS Criteria and Port Scan Criteria, that will cause the software to stop deleting half

Contents

Page From SMC’s line of award-winning connectivity solutions 54Mbps Wireless Voip Router with built-in ADSL Modem38 Tesla SeptemberTrademarks LIMITED WARRANTY LIMITED WARRANTY Federal Communication Commission Interference Statement COMPLIANCESIMPORTANT STATEMENT FCC Radiation Exposure Statement FCC - PartCOMPLIANCES COMPLIANCES EC Conformance DeclarationCOMPLIANCES Safety Compliance Wichtige Sicherheitshinweise GermanyInstallation TABLE OF CONTENTSConfiguring Client PC IntroductionConfiguring the Voice ADSL Router viiiTABLE OF CONTENTS Cables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-1 CHAPTER INTRODUCTION About the BarricadeVoIP Voice over IP Features and Benefits Internet Access Wireless and Wired LANApplications Shared IP AddressDMZ Host Support SecurityVirtual Private Network VPN Package Contents CHAPTER INSTALLATIONHardware Description System RequirementsDescription Figure 2-1. Rear PanelFigure 2-2. Front Panel LED IndicatorsStatus DescriptionISP Settings Connect the SystemPhone/FAX Connection Installing a Full-Rate Connection Phone Line ConfigurationFigure 2-3. Installing with a Splitter Connect the ADSL LineInstalling a Splitterless Connection Figure 2-4. Installing without a SplitterCONNECT THE SYSTEM Connect the Power Adapter Attach to Your Network Using Ethernet Cabling“Configuring Your Macintosh Computer” on page CHAPTER 3 CONFIGURING CLIENT PCSee “Windows 2000” on page “Windows XP” on page or depending on your operating systemTCP/IP Configuration Windows Obtain IP Settings from Your Barricade Disable HTTP ProxyYour computer is now configured to connect to the Barricade Windows XP Disable HTTP ProxyObtain IP Settings from Your Barricade WINDOWS XP Configuring Your Macintosh Computer Disable HTTP Proxy Internet Explorer3-10 CONFIGURING CLIENT PC3. Uncheck all check boxes and click OK CHAPTER CONFIGURING THE VOICE ADSL ROUTER CONFIGURING THE VOICE ADSL ROUTER Navigating the Management InterfaceNAVIGATING THE MANAGEMENT INTERFACE Making Configuration ChangesChannel and SSID SETUP WIZARDParameter DescriptionSETUP WIZARD Time ZoneParameter Setting Confirm ParameterDescription If the parameters are correct, click “NEXT” to save these settings ParameterDescription Parameter Setting - Country or ISP Not Listed ISP use Bridging 4-10CONFIGURING THE VOICE ADSL ROUTER ParameterISP use 1483Bridging-DHCP 4-11ISP use 1483Bridging-FixIP 4-12Click “NEXT” to continue to the “Confirm” settings page ParameterISP use PPPoE 4-13Click “NEXT” to continue to the “Confirm” settings page ParameterISP use PPPoA 4-14Click “NEXT” to continue to the “Confirm” settings page ParameterISP use 1483Routing 4-15Click “NEXT” to continue to the “Confirm” settings page Parameter4-16 Advanced SetupSets the local time zone, the password for administrator access, and Configures a variety of security and specialized functions includingADVANCED SETUP 4-17Menu DescriptionTime Settings SYSTEM4-18 Password Settings 4-19ADVANCED SETUP Remote Management 4-204-21 ADVANCED SETUPDomain Name Servers DNS are used to map a domain name 4-22 ATM PVC 4-23Parameter DescriptionATM Interface 4-241483 Bridging ParameterPPPoA 4-25Parameter Description1483 Routing 4-26QoS Parameters - PCR, SCR and MBS are configurable ParameterPPPoE 4-27Parameter DescriptionMAC Encapsulated Routing 4-28Parameter Description4-29 Clone MAC AddressADVANCED SETUP 4-30 ParameterDescription WIRELESS 4-31ADVANCED SETUP Channel and SSID 4-32Parameter Description4-33 Access Controlrestrict access based on MAC address ADVANCED SETUP4-34 CONFIGURING THE VOICE ADSL ROUTERSecurity 4-35 4-36 802.1X 4-37Parameter DescriptionParameter 4-38Description Quiet PeriodADVANCED SETUP 4-394-40 Address MappingCONFIGURING THE VOICE ADSL ROUTER 4-41 The more common TCP service ports includeVirtual Server Special Application 4-424-43 NAT Mapping TableADVANCED SETUP ROUTING 4-44Static Route 4-45 ParameterDescription Poison Reverse 4-464-47 Routing TableParameter Description 4-48 FIREWALL4-49 Access ControlThe following items are on the Access Control screen 1. Click “Add PC” on the Access Control screen 4-502. Define the appropriate settings for client PC services 3. Click “OK” and then click “SAVE SETTINGS” to save your settingsMAC Filter 4-51Click Yes to enable, or No to disable this function ADVANCED SETUPURL Blocking 4-52CONFIGURING THE VOICE ADSL ROUTER You can define up to 30 sites here4-53 Schedule RuleADVANCED SETUP 2. Define the appropriate settings for a schedule rule 4-543. Click “OK” and then click “SAVE SETTINGS” to save your settings CONFIGURING THE VOICE ADSL ROUTER4-55 Intrusion Detection Intrusion Detection FeatureCONFIGURING THE VOICE ADSL ROUTER 4-56Stateful Packet Inspection 4-57Connection Policy 4-58Defaults Parameter4-59 DoS Criteria and Port Scan Criteriathat will cause the software to stop deleting half 4-60 SNMP 4-61Community Trap 4-62unauthorized individuals from accessing information on your system Parameter4-63 UPNPADSL 4-64ADSL Parameters ADSL Status 4-65ADVANCED SETUP Scroll down to view more informationThe number of Fast Path Cyclic Redundancy Check errors 4-66The following items are included on this information page ParameterParameter 4-67Description Superframes represent the highest level of data presentation4-68 DDNSVOIP Dial Setting4-69 Parameter4-70 Port Settingfor PhoneYou can configure the port settings for your phone in this page ParameterAdvanced setting Port Settingfor Line4-71 ParameterCONFIGURING THE VOICE ADSL ROUTER 4-72Outgoing Mode 4-73Enterprise Mode ADVANCED SETUP4-74 ITSP modeCONFIGURING THE VOICE ADSL ROUTER 4-75 H.323 SettingParameter DescriptionNumbering Plan 4-76Parameter 4-77Description Parameter4-78 PBX ID/PrefixPeer Gateway User Management 4-79VOIP Status ADVANCED SETUP4-80 Configuration Tools TOOLS4-81 4-82 Firmware Upgrade4-83 Reset4-84 STATUSCONFIGURING THE VOICE ADSL ROUTER Scroll down to view more information on the Status pageADVANCED SETUP 4-85The following items are included on the Status page 4-86Parameter DescriptionWINDOWS NT4/2000/XP Finding the MAC address of a Network CardMACINTOSH LINUXTroubleshooting Chart APPENDIX A TROUBLESHOOTINGSymptom ActionSymptom Troubleshooting ChartTROUBLESHOOTING ActionTroubleshooting Chart SymptomAction Troubleshooting Chart SymptomAction Wiring Conventions SpecificationsAPPENDIX B CABLES Ethernet CableRJ-45 Port Connection Figure B-1. RJ-45 Ethernet Connector Pin NumbersPin Assignments Straight-Through WiringCrossover Cable Pin Assignments Crossover WiringADSL Cable Figure B-2. RJ-11 Connector Pin NumbersSpecifications Wiring ConventionsFigure B-3. RJ-11 Pinouts Signal NameWire Color Physical Characteristics Ports APPENDIX C SPECIFICATIONSADSL Features ATM FeaturesLAN Features Security FeaturesVoIP Features Radio Features Wireless RF module Frequency Band 802.11g Radio 2.4GHzRF Output Power Modulation Rate-Output Power dBm 802.11b - 1Mbps Modulation Rate-Output Power dBm 802.11g - 6MbpsOperating Channels IEEE 802.11b compliant 11 channels US, Canada Weight Vibration IEC 68-2-36, IEC Shock IEC Drop IEC DimensionsInput Power Modulation Rate-Receiver Sensitivity Typical dBm 802.11g - 6MbpsSafety Standards Conformance Electromagnetic CompatibilitySPECIFICATIONS