Page 51 / 138
Scroll up to view Page 46 - 50
Firewall Tab
46
Configuring the Firewall (Advanced)
The Edit Advanced Firewall Settings page allows you to configure advanced features on your firewall.
Figure 22. Edit Advanced Firewall Settings Page
Note:
These features should be used only if you are thoroughly familiar with firewalls and
networking.
Page 52 / 138
Firewall Tab
47
Enabling Advanced Security
Your 2Wire gateway firewall already provides a high level of security. You can configure the firewall to provide
advanced security features, including stealth mode, strict UDP
, or block pings.
Stealth Mode
In normal firewall operation, when an unknown remote device makes a request to connect to a user’s
network the firewall does not allow the connection to be made and responds with a “connection not
available” message. This may not discourage a determined hacker, because the message confirms that
there is an active network sending the response. The hacker may then use more sophisticated tools in an
attempt to access your network.
When in stealth mode, the 2Wire gateway firewall does not return
any
information in response to network
queries; that is, it will appear to the hacker who is trying to access your network that your network does not
exist. This discourages hackers from further attempts at accessing your network, because to them it will
appear as though there is no active network to access.
To enable Stealth Mode:
•
Open a Web browser and access the 2Wire gateway user interface by entering
•
Click the
Firewall
tab.
Page 53 / 138
Firewall Tab
48
•
Click the Advanced Settings
link under the tab to open the Edit Advanced Firewall Settings page.
1.
In the Security pane, click the
Stealth Mode
checkbox.
2.
Click
SAVE
.
Page 54 / 138
Firewall Tab
49
Block Ping
Ping is a basic Internet program that, when used without malicious intent, allows a user to verify that a
particular IP address exists and can accept requests. Ping is used diagnostically to ensure that a host
computer you are trying to reach is operating. It can also be used to see how long it takes to get a response
back from a specific host computer.
Hackers can use ping to launch an attack against your network, because ping can determine the number
form of the network’s IP address (for example, 105.246.172.72) from the domain name (for example,
www.mynetwork.com). If you enable Block Ping, your network will block all ping requests.
To block ping:
•
Open a Web browser and access the 2Wire gateway user interface by entering
•
Click the
Firewall
tab.
•
Click the Advanced Settings
link under the tab to open the Edit Advanced Firewall Settings page.
1.
In the Security pane, click the
Block Ping
checkbox.
2.
Click
SAVE
.
Page 55 / 138
Firewall Tab
50
Strict UDP Session Control
Enabling this feature provides increased security by preventing the 2Wire gateway from accepting packets
sent from an unknown source over an existing connection.
Strict UDP instructs the 2Wire gateway to be more restrictive about what packets are allowed to transmit
over an established connection from a local network computer to the Internet. In addition to relying on
information about the destination (3-tuple), the 2Wire gateway will also use information about the source of
the connection (5-tuple).
To enable strict UDP session control:
•
Open a Web browser and access the 2Wire gateway user interface by entering
•
Click the
Firewall
tab.
•
Click the Advanced Settings
link under the tab to open the Edit Advanced Firewall Settings page.
1.
In the Security pane, click the
Strict UDP Session Control
checkbox.
2.
Click
SAVE
.
Note:
The ability to send traffic based on destination only is required by some applications.
Enabling this feature may not allow some on-line applications to work properly.