ZyWALL 2WG Support Notes
All contents copyright (c) 2006 ZyXEL Communications Corporation. 231
B12. What is IP Spoofing attack?
Many DoS attacks also use IP Spoofing as part of their attack. IP Spoofing may be used to break into
systems, to hide the hacker's identity, or to magnify the effect of the DoS attack. IP Spoofing is a
technique used to gain unauthorized access to computers by tricking a router or firewall into thinking that
the communications are coming from within the trusted network. To engage in IP Spoofing, a hacker
must modify the packet headers so that it appears that the packets originate from a trusted host and should
be allowed through the router or firewall.
B13. What are the default ACL firewall rules in ZyWALL?
There are two default ACLs pre-configured in the ZyWALL, one allows all connections from LAN to
WAN and the other blocks all connections from WAN to LAN except of the DHCP packets.
B14. Why does traffic redirect/static/policy route be blocked by ZyWALL?
ZyWALL is an ideal secure gateway for all data passing between the Internet and the LAN. For some
reasons (load balance or backup line), users may want traffic to be re-routed to another Internet access
devices while still be protected by ZyWALL. In such case, the network topology is the most important
issue. Here is a common example that people mis-deploy the LAN traffic redirect and static route.