WEBSHARE 243WM

50

FTP (OutGoing/Ingoing)::

WEBSHARE 243WM

51

DNS (OutGoing/Ingoing):

3.6.3.4.2 MAC address Filtering

MAC filtering function enables you to configure your ADSL Firewall Router to block internal

user (

MAC address

) from Internet access.

If you check

Enable,

remember to choosea defaulkt rules policy between

Forward

or

Drop

.

If you select

Forward

, the packet with the MAC address in the table(

Drop

) will be dropped

and others will be forwarded. If you select

Drop

, the packet with the MAC address in the

table (

Forward

) will be forwarded and others will be dropped. Then select

Apply

button to

save the setting.

WEBSHARE 243WM

52

•

Active:

Select

Yes

from the drop down list box to enable MAC address filtering.

•

Action When Matched:

Select “Drop” or “Forward”.

•

Log:

Choose “Yes” if you wish to generate logs when the filer rule is applied to a

packet.

•

MAC Address:

Enter the MAC addresses you wish to manage.

3.6.3.4.3 Intrusion Detection

The router’s Intrusion Detection System (IDS) is used to detect hacker attacks and intrusion

attempts from the Internet. If the IDS function of the firewall is enabled, inbound packets are

filtered and blocked depending on whether they are detected as possible hacker attacks,

intrusion attempts or other connections that the router determines to be suspicious.

Hacker attack types recognized by the IDS:

•

IP Spoofing

•

Ping of Death (Length > 65535)

•

Land Attack (Same source / destination IP address)

•

IP with zero length

•

Sync flooding

•

Smurf Attack (ICMP Echo with x.x.x.0 or x.x.x.255)

•

Snork Attack

•

UDP port loop-back

•

TCP NULL scan

•

Intrusion Detection:

Check “Enable” if you wish to detect intruders accessing your

computer without permission.

•

Alert Mail:

Select this check box to use Alert Mail.

WEBSHARE 243WM

53

•

Alert Mail Time:

Set the time for receiving Alert mail.

•

Your E-Mail:

Set your email address.

•

Recipient’s E-mail:

Set the Recipient’s email address to which

the E-<mail

notification is sent.

•

SMTP server:

Set the SMTP (mail) server address.

3.6.3.4.4 Block Wan Request

The “

Block WAN Request

” is a stand-alone function and not relate to whether security

enable or disable. Mostly it is for preventing any scan tools from WAN site by hacker.

3.6.3.4.5 URL Blocking

URL filter rules allow you to prevent users on your network from accessing particular

websites by their URL. There are no predefined URL filter rules; you can add filter rules to

meet your requirements.

WEBSHARE 243WM

54

From/To:

IP Address

Block Mode:

You can select when Router have yo use thess settings

Keywords Filtering:

Allows blocking by specific keywords within a particular URL rather than having to

specify a complete URL (e.g. to block any image called “advertisement.gif”).

When enabled, your specified keywords list will be checked to see if any keywords are

present in URLs accessed to determine if the connection attempt should be blocked.

Please note that the URL filter blocks web browser (HTTP) connection attempts using

port 80 only.

For example, if the URL is http://www.atlantis-land.com/start.html, it will be dropped as

the keyword “start” occurs in the URL.

Domains Filtering:

This function checks the domain name in URLs accessed against your list of domains to

block or allow. If it is matched, the URL request will be sent (Trusted) or dropped

(Forbidden). The checking procedure is:

1. Check the domain in the URL to determine if it is in the trusted list. If yes, the

connection attempt is sent to the remote web server.

2. If not, check if it is listed in the forbidden list, and if present then the connection

attempt is dropped..

3. If the packet does not match either of the above two items, it is sent to the remote

web server.

4. Please be note that the domain only should be specified, not the full URL. For

example to block traffic to www.sex.com, enter “sex” or “sex.com” instead of

“www.sex.com”. In the example below, the URL request for www.helloworld.com.tw will

be sent to the remote web server because it is listed in the trusted list, whilst the URL

request for www.sex or www.sex.com will be dropped, because helloworld.com is in

the forbidden list.