iNID -- i3812V User Guide

52

4.

Select the computer that you want to stop the DMZplus mode.

5.

Select the

Maximum protection

button from the

Edit firewall settings for this computer

pane.

6.

Click

Save

.

7.

Access the computer that you selected in Step 1.

8.

Restart the computer.

Customizing Firewall Configuration

The i3812V comes with a set of default firewall settings that you can change to adapt to your environment.

You can change the timeout sessions and protocol that you want to go through the firewall.

1.

Open a Web browser and enter

to access the 2Wire i3812V user interface.

2.

Click

on the

Home

page; the

Firewall Status

page opens.

Note:

If the computer you want to select is unlisted because it is powered

off and the “hide inactive devices” option is enabled; you still can select it as

long as it is on the same network and you know its IP address. Replace

“Enter IP address” with the intended IP address, then click

Choose

.

Configuring Firewall

53

3.

Click

Advanced Configuration

; the following page opens displaying the default settings.

iNID -- i3812V User Guide

54

4.

Customize your Internet security.

−

Stealth Mode

: When the Stealth Mode is selected, your computer is “invisible” to port-scanning

programs. Consequently, no reply is received in response in their quest to gain unauthorized

access to computers and servers. If your computer is always connected to Internet, it is good

practice to select the Stealth Mode to prevent potential hacking to your computer.

−

Block Ping

: When enabled, Block Ping blocks all ping requests. Ping is a basic Internet program

that, when used without malicious intent, allows a user to verify that a particular IP address exists

and can accept requests. Hackers can use ping to launch an attack against your network, because

ping can determine the network’s IP address from the domain name.

−

Strict UDP Session Control

: Enabling this feature provides increased security by preventing the

i3812V from accepting packets sent from an unknown source over an existing connection. The

ability to send traffic based on destination only is required by some applications. Enabling this

feature may not allow some on-line applications to work properly.

−

UDP Session Timeout

: Typically, the User Datagram Protocol (UDP) is used to exchange small data

from one computer to another. Transmission Control Protocol (TCP) is used for larger data

exchanges; therefore, the timeout setting for UDP is lower than that of TCP

.

−

TCP Session Timeout

: Transmission Control Protocol (TCP) is a connection-oriented protocol, which

means that a connection is established and maintained until such time as the message(s) to be

exchanged by the application programs at each end have been exchanged. The maximum timeout

is 24 hours.

5.

Select the protocol(s) from the

Outbound Control

pane that you allow the traffic from the network to

pass through the firewall to the Internet.

6.

Select items from the

Attack Detection

pane to prevent unauthorized access to your computers.

−

Excessive Session Detection: When enabled, the firewall detects applications on the local network

that are creating excessive sessions out to the Internet. This activity is likely due to a virus or

“worm” infected computer (for example, Blaster Worm).

−

TCP/UDP Port Scan: A port scan is a series of messages sent by someone attempting to break into

a computer to learn which computer network services, each associated with a well-known port

number (such as UDP and TCP), the computer provides. When enabled, the firewall detects UDP

and TCP port scans, and drops the packet.

Note:

NetBIOS is primarily used for Local Area Network (LAN)

communication. Typically, this protocol is not used on the Ethernet at large.

For security reasons, it is blocked from the Internet to your local area

network by default.

Note:

These are stateless firewall checks and apply to DMZPlus or routed

mode.

Configuring Firewall

55

−

Invalid Source/Destination IP address. When enabled, the firewall checks and verifies the following

IP addresses:

−

IP source address (broadcast or multicast)

−

TCP destination IP address (not unicast)

−

If the IP source and destination address are the same

−

Invalid IP source received from private/home network

−

Packet Flood (SYN/UDP/ICMP/Other). When enabled, the firewall checks for SYN, UDP

, ICMP

, and

other types of packet floods on the local and Internet-facing interfaces and stops the flood.

−

Invalid TCP Flag Attacks (NULL/XMAS/Other). When enabled, the firewall scans inbound and

outbound packets for invalid TCP flag settings, and drops the packet to prevent SYN/FIN, NULL,

and XMAS attacks.

−

Invalid ICMP Detection. The firewall checks for invalid ICMP/code types, and drops the packets.

−

Miscellaneous. The firewall checks for the following, and drops the packets or terminates the

associated session:

−

Unknown IP protocol (drop packet)

−

Port 0 attack detected (drop packet)

−

TCP SYN packet (drop packet)

−

Not a start session packet (drop packet)

−

ICMP destination unreachable (terminate session)

7.

Click

Save

; a message appears informing you of the operational status.

Note:

The packets are dropped when IP addresses cannot be verified.

iNID -- i3812V User Guide

56