Page 61 / 125 Scroll up to view Page 56 - 60
Chapter
9
Network Security
This chapter guides you on how to protect your home network from cyber attacks
and unauthorized users by implementing these three network security functions. You
can protect your home network against DoS (Denial of Service) attacks from flooding
your network with server requests using DoS Protection, block or allow specific client
devices to access your network using Access Control, or you can prevent ARP spoofing
and ARP attacks using IP & MAC Binding function.
This chapter contains the following sections:
Protect the Network from Cyber Attacks
Access Control
IP & MAC Binding
Page 62 / 125
58
Chapter 9
Network Security
9. 1.
Protect the Network from Cyber Attacks
The SPI (Stateful Packet Inspection) Firewall and DoS (Denial of Service) Protection
protect the router from cyber attacks.
The SPI Firewall can prevent cyber attacks and validate the traffic that is passing
through the router based on the protocol. This function is enabled by default, and it’s
recommended to keep the default setting.
DoS Protection can protect your home network against DoS attacks from flooding your
network with server requests. Follow the steps below to configure DoS Protection.
1.
Visit
http://tplinkwifi.net
, and log in with the username and password you’ve set for
the router.
2.
Go to
Advanced
>
Security
>
Settings
.
3.
Enable
DoS Protection
.
4.
Set the level (
Off
,
Low
,
Middle
or
High
) of protection for
ICMP-FLOOD Attack
Filtering
,
UDP-FlOOD Attack Filtering
and
TCP-SYN-FLOOD Attack Filtering
.
ICMP-FLOOD Attack Filtering
- Enable to prevent the Internet Control Message
Protocol (ICMP) flood attack.
UDP-FlOOD Attack Filtering
- Enable to prevent the User Datagram Protocol
(UDP) flood attack.
TCP-SYN-FLOOD Attack Filtering
- Enable to prevent the Transmission Control
Protocol-Synchronize (TCP-SYN) flood attack.
Tips:
The level of protection is based on the traffic packets number. The protection will be triggered immediately
when the number of packets exceeds the preset threshold value (the value can be set on
Advanced
>
System
Tools
>
System Parameters
>
DoS Protection Level Settings
), and the vicious host will be displayed in the
Blocked DoS Host List
.
Page 63 / 125
59
Chapter 9
Network Security
5.
Select
Ignore Ping Packet From WAN/LAN Port
if you want to ignore the ping
packets from WAN/LAN port.
6.
Click
Save
to make the settings effective.
9. 2.
Access Control
Access Control is used to block or allow specific client devices to access your network
(via wired or wireless) based on a list of blocked devices (Blacklist) or a list of allowed
devices (Whitelist).
Block or allow specific client devices to access my network (via
wired or wireless).
1.
Visit
http://tplinkwifi.net
, and log in with the username and
password you’ve set for the router.
2.
Go to
Advanced
>
Security
>
Access Control
.
3.
Enable
Access Control
.
4.
Select the access mode to either block (recommended) or
allow the device(s) in the list.
To block specific device(s)
1 ) Select
Blacklist
and click
Save
.
2 ) Select the device(s) to be blocked in the
Devices Online
table by ticking the box.
I want to:
How can I
do that?
Page 64 / 125
60
Chapter 9
Network Security
3 ) Click
Block
above the
Devices Online
table. The selected
devices will be added to
Devices in Blacklist
automatically.
To allow specific device(s)
1 ) Select
Whitelist
and click
Save
.
2 ) Click
Add
in Devices in Whitelist section. Enter the
Device Name
and
MAC Address
(You can copy and paste
the information from the following list if the device is
connected to your network).
3 ) Click
OK
.
Now you can block or allow specific client devices to access your
network (via wired or wireless) using the
Blacklist
or
Whitelist
.
Done!
Page 65 / 125
61
Chapter 9
Network Security
9. 3.
IP & MAC Binding
IP & MAC Binding, namely, ARP (Address Resolution Protocol) Binding, is used to bind
network device’s IP address to its MAC address. This will prevent ARP Spoofing and
other ARP attacks by denying network access to an device with matching IP address in
the Binding list, but unrecognized MAC address.
Prevent ARP spoofing and ARP attacks.
1.
Visit
http://tplinkwifi.net
, and log in with the username and
password you’ve set for the router.
2.
Go to
Advanced
>
Security
>
IP & MAC Binding
.
3.
Enable
ARP Binding
.
4.
Bind your device(s) according to your need.
To bind the connected device(s):
Click
to add the
corresponding device to the
Binding List
.
To bind the unconnected device
1 ) Click
Add
in Binding List section.
2 ) Enter the
MAC address
and
IP address
that you want to
bind.
3 ) Tick the
Enable This Entry
check box and click
OK
.
Now you don’t need to worry about ARP spoofing and ARP
attacks!
I want to:
How can I
do that?
Done!

Rate

4 / 5 based on 1 vote.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top