EasyManua.ls Logo

2Wire Gateway - Page 56

Default Icon
131 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Firewall Tab
50
The following table lists the attacks for which the gateway firewall filters continuously check.
To disable attack detection for a specific port:
Open a Web browser and access the 2Wire gateway user interface by entering
http://2Wire.gateway.net.
Click the
Firewall tab.
Attack Description and Action Taken
Excessive Session Detection When enabled, the firewall will detect applications on the
local network that are creating excessive sessions out to
the Internet. This activity is likely due to a virus or “worm”
infected computer (for example, Blaster Worm). When the
event is detected, the gateway displays a HURL warning
page.
TCP/UDP Port Scan A port scan is a series of messages sent by someone
attempting to break into a computer to learn which com-
puter network services, each associated with a well-known
port number (such as UDP and TCP), the computer pro-
vides. When enabled, the firewall detects UDP and TCP
port scans, and drops the packet.
Invalid Source/Destination IP
address
When enabled, the firewall will verify IP addresses by
checking for the following:
IP source address is broadcast or multicast — drop
packet.
TCP destination IP address is not unicast — drop packet.
IP source and destination address are the same — drop
packet.
Invalid IP source received from private/home network —
drop packet.
Packet Flood (SYN/UDP/ICMP/
Other)
When enabled, the firewall will check for SYN, UDP, ICMP,
and other types of packet floods on the local and Internet
facing interfaces and stop the flood.
Invalid TCP Flag Attacks (NULL/
XMAS/Other)
When enabled, the firewall will scan inbound and out-
bound packets for invalid TCP Flag settings, and drop the
packet to prevent SYN/FIN, NULL, and XMAS attacks.
Invalid ICMP Detection The firewall checks for invalid ICMP/code types, and drops
the packet.
Miscellaneous The firewall checks for the following:
Unknown IP protocol — drop packet.
Port 0 attack detected — drop packet.
TCP SYN packet — drop packet.
Not a start session packet — drop packet.
ICMP destination unreachable — terminate session.

Table of Contents

Related product manuals