71

SMTP

Username

Enter the username of the email account you will send from.

SMTP

Password

Enter the password of the email account you will send from.

E-mail Alerts

Check to enable sending alert email, when an attack is detected.

Below is a complete list of the capable SysLog server attack/notification types and their

format. The generic format of sysLog messages for traffic or administration-related

events is:

MMM DD HH:MM:SS YYYY SYSLOG[0]: [Host HostIP] Protocol SourceIP,SourcePort

--> DestIP,DestPort EventText

72

Table 17. SysLog Server Event Format

Parameter

Description

MMM

The three-letter abbreviation for the month (e.g., JUN, JUL AUG,

etc.)

DD

The two-digit day of the month (e.g., 01, 02, 03, etc.)

HH:MM:SS

The time displayed as two-digit values for the hour, minute, and

second, respectively.

YYYY

The four-digit year.

HostIP

The IP address of Cable Modem/Router sending the SysLog event.

This is the LAN IP Address on the Basic - Setup page.

Protocol

Can be one of the following: “TCP”, “UDP”, “ICMP”, “IGMP” or

“OTHER”. In the case of “OTHER” the protocol type is displayed in

parentheses (). For ICMP packets, the ICMP type is displayed in

parentheses.

SourceIP

The IP address of the originator of the session/packet.

SourcePort

The source port at the originator.

DestIP

The IP address of the recipient of the session/packet.

DestPort

The destination port at the recipient.

EventText

A textual description of the event.

The format of SysLog messages for informational events is simplified:

MMM DD HH:MM:SS YYYY SYSLOG[0]: [Host HostIP] EventText

73

The table below lists all events that can be sent to the SysLog server.

Table 18. SysLog Server Event and Meaning

Event Text

Meaning

ALLOW: Inbound access

request

An inbound request was made, and accepted, from a

public network client to use a service hosted on the firewall

or a client behind the firewall.

ALLOW: Outbound

access request

An outbound request was made, and accepted, from a

public client to use a service hosted on a public network

server.

DENY: Inbound or

outbound access request

A request to traverse the firewall by a public or private

client violated the security policy, and was blocked.

DENY: Firewall interface

access request

A request was made to the public or private firewall

interface by a public or private client that violated the

security policy, and was blocked.

FAILURE: User interface

login (Invalid username

or password)

An attempt was made to login to the user interface, and

access was denied because the username and/or

password was incorrect.

SUCCESS: User interface

login

An attempt was made to login to the user interface, and

access was allowed.

ALLOW: User interface

access [request]

An HTTP GET or POST request was made by an

authenticated user to the user interface.

DENY: Inbound or

outbound [internet attack

name] attack

A known internet attack was detected attempting to

traverse the firewall, and was blocked. Examples of known

internet attacks are Ping Of Death, Teardrop, WinNuke,

XmasTree, SYN Flood, etc.

DENY: Firewall interface

[internet attack name]

attack

A known internet attack directed at the firewall itself was

detected and blocked. Examples of known internet attacks

are Ping Of Death, Teardrop, WinNuke, XmasTree, SYN

Flood, etc.

Firewall Up

The public interface (WAN) connection is up, and the

firewall has begun to police traffic, or the firewall was

previously disabled, and the user has enabled it through

the user interface.

Remote config

Remote configuration management (via HTTP through the

74

management enabled

[port#]

specified port # on the public interface) has been enabled

via the user interface.

Remote config

management disabled

Remote configuration management has been disabled via

the user interface.

Time Of Day established

The system established the current system time via the

DOCSIS cable modem registration process. The system

time is used by the firewall to timestamp events.

Public Network Interface

up (IP address x.x.x.x)

The firewall successfully obtained an IP address for the

public network (WAN) interface via DHCP. This process

takes place after the cable modem registration process

successfully completes.

75

11

Parental Control Menu Options

The Parental Control Menu lets you:



Configure the rules for Internet access based on user or time period



Configure the rules to block certain Internet contents and certain web sites



View the event logs related to parental control

To set up Parental Control, you first set up Policies in the

Basic Setup

Menu. Next, you

assign a user name and password for each user on your network. Finally you apply the

Policies to individual users in the

User Setup

Menu. When you enable Parental Control,

each user must log on to view Internet content. The content a user may access will be

defined by the policy that you assigned to that user. A user profile may optionally be

applied to a specific computer, so that no login is required for users of that computer.

Basic

This Basic Setup page allows you to configure rules which block certain Internet content

and certain Web sites. An override password and access duration timer allows user

override of the content filter settings. When entered, these allow a user Internet access

without the constraint of the rules entered until the timer expires.

To access the Basic page:

1

Click

Parental Control

in the menu bar.

2

Then click the

Basic

submenu.

Figure 23 shows an example of the menu and Table 19 describes the items you can

select.

Note:

Always remember to click the

Apply

button to complete changes on this page.