Zyxel-communications 662HW Series Manual de usuario Pagina 149
- Pagina / 563
- Tabla de contenidos
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
Prestige 662H/HW Series User’s Guide
149 Chapter 13 Firewalls
amount of ICMP echo request and response traffic. If a hacker chooses to spoof the
source IP address of the ICMP echo request packet, the resulting ICMP traffic will not
only clog up the "intermediary" network, but will also congest the network of the spoofed
source IP address, known as the "victim" network. This flood of broadcast traffic
consumes all available bandwidth, making communications impossible.
Figure 56 Smurf Attack
13.4.2.1 ICMP Vulnerability
ICMP is an error-reporting protocol that works in concert with IP. The following ICMP types
trigger an alert:
13.4.2.2 Illegal Commands (NetBIOS and SMTP)
The only legal NetBIOS commands are the following - all others are illegal.
All SMTP commands are illegal except for those displayed in the following tables.
Table 40 ICMP Commands That Trigger Alerts
5 REDIRECT
13 TIMESTAMP_REQUEST
14 TIMESTAMP_REPLY
17 ADDRESS_MASK_REQUEST
18 ADDRESS_MASK_REPLY
Table 41 Legal NetBIOS Commands
MESSAGE:
REQUEST:
POSITIVE:
VE:
RETARGET:
KEEPALIVE:
- Prestige 662H/HW Series 1
- Copyright 2
- Federal Communications 3
- Commission (FCC) Interference 3
- Statement 3
- ZyXEL Limited Warranty 4
- Customer Support 5
- Customer Support 6 6
- 7 Customer Support 7
- Table of Contents 8
- Chapter 7 10
- Chapter 8 10
- Chapter 15 13
- Chapter 16 13
- Chapter 20 15
- Chapter 21 15
- List of Figures 26
- List of Tables 34
- About This User's Guide 40
- Syntax Conventions 40
- Related Documentation 40
- User Guide Feedback 41
- Graphics Icons Key 41
- Introduction to DSL 42
- 43 Introduction to DSL 43
- CHAPTER 1 44
- High Speed Internet Access 45
- Firewall 45
- Content Filtering 46
- Content Access Control 46
- Anti-Virus Packet Scan 46
- IEEE 802.11g Wireless LAN 46
- Protocol Support 49
- Networking Compatibility 49
- 1.1.2.1 Internet Access 51
- LED descriptions 52
- CHAPTER 2 54
- 2.1.2 Resetting the Prestige 55
- CHAPTER 3 60
- 3.1.2 Multiplexing 61
- 3.1.3 VPI and VCI 61
- 3.3.1 IP Address Assignment 63
- 3.3.3 NAT 64
- 3.4.1 DHCP Setup 69
- CHAPTER 4 72
- CHAPTER 5 76
- 77 Chapter 5 Password Setup 77
- CHAPTER 6 78
- 6.2 DNS Server Address 79
- 6.4 LAN TCP/IP 80
- 6.5 Any IP 81
- 6.5.1 How Any IP Works 82
- 6.6 Configuring LAN 83
- 6.7 Configuring Static DHCP 84
- 85 Chapter 6 LAN Setup 85
- Figure 22 LAN: Static DHCP 85
- Table 15 LAN: Static DHCP 85
- CHAPTER 7 86
- 87 Chapter 7 DMZ 87
- Figure 23 DMZ 87
- Table 16 DMZ 87
- Chapter 7 DMZ 88 88
- Table 16 DMZ (continued) 88
- 89 Chapter 7 DMZ 89
- CHAPTER 8 90
- 8.1.3 ESS ID 91
- 8.1.4 RTS/CTS 91
- 8.2 Levels of Security 92
- 8.3 Data Encryption with WEP 93
- 8.4 Configuring Wireless LAN 93
- Figure 26 Wireless LAN 94
- Table 17 Wireless LAN 94
- 8.5 Configuring MAC Filter 95
- Table 18 MAC Address Filter 96
- 8.6 Network Authentication 97
- 8.7 Introduction to WPA 99
- LABEL DESCRIPTION 105
- 8.14 Configuring RADIUS 109
- Table 25 RADIUS 110
- CHAPTER 9 112
- 9.3 PPPoE Encapsulation 113
- 9.4 Traffic Shaping 113
- 9.6 Configuring WAN Setup 114
- 115 Chapter 9 WAN Setup 115
- Figure 38 WAN Setup (PPPoE) 115
- Table 26 WAN Setup 115
- Chapter 9 WAN Setup 116 116
- 9.7 Traffic Redirect 117
- 9.8 Configuring WAN Backup 118
- 119 Chapter 9 WAN Setup 119
- Figure 41 WAN Backup 119
- Table 27 WAN Backup 119
- Check WAN IP Address 120
- 121 Chapter 9 WAN Setup 121
- Chapter 9 WAN Setup 122 122
- 123 Chapter 9 WAN Setup 123
- 9.10 AT Command Strings 124
- 9.11 DTR Signal 124
- 9.12 Response Strings 124
- Chapter 9 WAN Setup 126 126
- 127 Chapter 9 WAN Setup 127
- CHAPTER 10 128
- 10.1.2 What NAT Does 129
- 10.1.3 How NAT Works 129
- 10.1.4 NAT Application 130
- 10.1.5 NAT Mapping Types 130
- Table 31 NAT Mapping Types 131
- 10.3 SUA Server 132
- 10.4 Selecting the NAT Mode 133
- 10.5 Configuring SUA Server 134
- CHAPTER 11 140
- Figure 51 Dynamic DNS 141
- Table 37 Dynamic DNS 141
- CHAPTER 12 142
- 143 Chapter 12 Time and Date 143
- Table 38 Time and Date 143
- CHAPTER 13 144
- 145 Chapter 13 Firewalls 145
- 13.4 Denial of Service 146
- 13.4.2 Types of DoS Attacks 147
- Chapter 13 Firewalls 148 148
- Figure 55 SYN Flood 148
- 13.4.2.1 ICMP Vulnerability 149
- 13.5 Stateful Inspection 150
- 151 Chapter 13 Firewalls 151
- 13.5.3 TCP Security 152
- 13.5.4 UDP/ICMP Security 153
- 13.5.5 Upper Layer Protocols 153
- 13.6.1 Security In General 154
- 13.7.1 Packet Filtering: 155
- 13.7.2 Firewall 155
- Chapter 13 Firewalls 156 156
- 157 Chapter 13 Firewalls 157
- CHAPTER 14 158
- 14.3 Rule Logic Overview 159
- 14.3.3.1 Action 160
- 14.3.3.2 Service 160
- 14.3.3.3 Source Address 160
- 14.4.1 LAN to WAN Rules 161
- 14.4.2 WAN to LAN Rules 161
- 14.4.3 Alerts 162
- 14.6 Rule Summary 164
- Address 167
- 14.7 Customized Services 168
- 14.9 Example Firewall Rule 169
- 14.10 Predefined Services 173
- 14.11 Anti-Probing 175
- 14.12.1 Threshold Values 177
- 14.12.2 Half-Open Sessions 177
- CHAPTER 15 180
- CHAPTER 16 184
- 16.2.2 Configuring Services 188
- 16.2.2.1 Available Services 189
- SERVICE DESCRIPTION 191
- 16.3 User Account Setup 198
- 16.4 User Online Status 200
- 16.5.1 User Login 201
- 16.5.2 Administrator Login 202
- CHAPTER 17 204
- CHAPTER 18 212
- 18.2 IPSec Architecture 213
- 18.3 Encapsulation 214
- 18.4 IPSec and NAT 215
- Table 65 VPN and NAT 216
- CHAPTER 19 218
- 19.3 My IP Address 219
- 19.5 VPN Summary Screen 220
- 19.4 Secure Gateway Address 220
- 221 Chapter 19 VPN Screens 221
- Figure 94 VPN Summary 221
- Table 67 VPN Summary 221
- 19.6 Keep Alive 222
- 19.7 NAT Traversal 222
- 19.7.2 Remote DNS Server 223
- 19.8 ID Type and Content 224
- VPN tunnel 225
- 19.9 Pre-Shared Key 226
- 19.10 Editing VPN Policies 226
- 227 Chapter 19 VPN Screens 227
- Figure 97 VPN IKE 227
- Chapter 19 VPN Screens 228 228
- Table 72 VPN IKE 228
- 229 Chapter 19 VPN Screens 229
- Chapter 19 VPN Screens 230 230
- 19.11 IKE Phases 231
- 19.11.1 Negotiation Mode 232
- 233 Chapter 19 VPN Screens 233
- Chapter 19 VPN Screens 234 234
- 235 Chapter 19 VPN Screens 235
- 19.13 Manual Key Setup 236
- 19.14 Configuring Manual Key 237
- Chapter 19 VPN Screens 238 238
- Table 74 VPN: Manual Key 238
- 239 Chapter 19 VPN Screens 239
- 19.15 Viewing SA Monitor 240
- 241 Chapter 19 VPN Screens 241
- Table 75 241
- Chapter 19 VPN Screens 242 242
- 243 Chapter 19 VPN Screens 243
- Chapter 19 VPN Screens 244 244
- 245 Chapter 19 VPN Screens 245
- CHAPTER 20 246
- 20.2 Telnet 247
- 20.3 FTP 247
- 20.4 Web 248
- CHAPTER 21 250
- 21.2 UPnP and ZyXEL 251
- Table 80 Configuring UPnP 252
- Components selection box 253
- Figure 117 System Tray Icon 260
- Network 261
- CHAPTER 22 264
- 265 Chapter 22 Logs Screens 265
- Figure 122 Log Settings 265
- Table 81 Log Settings 265
- 22.3 Displaying the Logs 266
- 22.4 SMTP Error Messages 267
- 22.4.1 Example E-mail Log 268
- 269 Chapter 22 Logs Screens 269
- CHAPTER 23 270
- 23.5 Scheduler 272
- 23.7 Bandwidth Borrowing 275
- 23.8 Configuring Summary 277
- 23.9 Configuring Class Setup 278
- 23.10 Bandwidth Monitor 283
- CHAPTER 24 284
- 285 Chapter 24 Maintenance 285
- Figure 136 System Status 285
- Table 91 System Status 285
- 24.2.1 System Statistics 286
- 287 Chapter 24 Maintenance 287
- 24.3 DHCP Table Screen 288
- 24.4 Any IP Table Screen 289
- 24.5 Wireless Screen 289
- 24.6 Diagnostic Screens 290
- 291 Chapter 24 Maintenance 291
- 24.7 Firmware Screen 293
- Chapter 24 Maintenance 294 294
- Figure 145 Error Message 294
- 295 Chapter 24 Maintenance 295
- CHAPTER 25 296
- Figure 146 Login Screen 297
- ? > or 298
- 1234", and 299
- Table 101 Main Menu Summary 299
- *” for each 300
- CHAPTER 26 302
- CHAPTER 27 306
- [ENTER] 308
- Press ENTER to Confirm 309
- FIELD DESCRIPTION 311
- CHAPTER 28 312
- CHAPTER 29 316
- MAC address table 317
- CHAPTER 30 320
- 30.4 IP Alias Setup 321
- 30.5 Route IP Setup 322
- Menu 4 Internet Access Setup 324
- CHAPTER 31 326
- 31.4 Remote Node Filter 332
- 31.5.3 Advance Setup Options 334
- CHAPTER 32 336
- CHAPTER 33 340
- 341 Chapter 33 Bridging Setup 341
- 343 Chapter 33 Bridging Setup 343
- CHAPTER 34 344
- 34.3 NAT Setup 346
- Menu 15.1.255 is read-only 347
- 34.3.1.3 Ordering Your Rules 349
- 34.5 General NAT Examples 352
- Figure 192 NAT Example 1 353
- Figure 194 NAT Example 2 354
- Figure 196 NAT Example 3 355
- Figure 201 NAT Example 4 358
- CHAPTER 35 360
- CHAPTER 36 362
- Filter Rule 363
- Filter Set 363
- Len Length 366
- 36.4.1 TCP/IP Filter Rule 367
- 36.4.2 Generic Filter Rule 369
- Length= 0 370
- 36.5 Filter Types and NAT 371
- 36.6 Example Filter 371
- Table 129 Filter Sets Table 373
- 36.7.1 Ethernet Traffic 374
- 36.7.2 Remote Node Filters 374
- CHAPTER 37 376
- 37.2 Supported MIBs 377
- 37.3 SNMP Configuration 377
- 37.4 SNMP Traps 378
- CHAPTER 38 380
- 38.1.3 IEEE802.1x 382
- CHAPTER 39 386
- 39.3 System Information 388
- 39.3.2 Console Port Speed 389
- 39.4 Log and Trace 390
- 39.4.2 Syslog and Accounting 391
- Figure 237 Syslog Example 392
- 39.5 Diagnostic 393
- CHAPTER 40 396
- 40.2 Backup Configuration 397
- 40.2.4 GUI-based FTP Clients 399
- 40.2.7 TFTP Command Example 400
- 40.3 Restore Configuration 402
- 40.4.1 Firmware File Upload 405
- 40.4.5 TFTP File Upload 407
- CHAPTER 41 412
- 41.2 Call Control Support 413
- 41.3 Time and Date Setting 414
- 41.3.1 Resetting the Time 416
- CHAPTER 42 418
- 42.4 System Timeout 420
- CHAPTER 43 422
- 43.4 IP Routing Policy Setup 423
- 43.5 Applying an IP Policy 426
- (192.168.1.100) 429
- CHAPTER 44 430
- CHAPTER 45 434
- 45.2 IPSec Summary Screen 435
- 45.3 IPSec Setup 437
- Menu 27.1.1 IPSec Setup 438
- 45.4 IKE Setup 441
- 45.5 Manual Setup 443
- CHAPTER 46 446
- 447 Chapter 46 SA Monitor 447
- Chapter 46 SA Monitor 448 448
- 449 Chapter 46 SA Monitor 449
- CHAPTER 47 450
- Remember 451
- CHAPTER 48 454
- Appendix A 458
- Cable Pin Assignments 458
- Appendix B 460
- Splitters and Microfilters 460
- Prestige With ISDN 461
- Appendix C 462
- Installing Components 463
- Configuring 464
- Windows 2000/NT/XP 465
- Macintosh OS 8/9 469
- Macintosh OS X 471
- Verifying Settings 472
- Appendix D 474
- IP Subnetting 474
- Subnet Masks 475
- Subnetting 475
- Example: Two Subnets 476
- 477 Appendix D IP Subnetting 477
- Table 7 Subnet 1 477
- Table 8 Subnet 2 477
- Example: Four Subnets 478
- Example Eight Subnets 479
- Appendix D IP Subnetting 480 480
- 481 Appendix D IP Subnetting 481
- Appendix E 482
- How PPPoE Works 483
- Prestige as a PPPoE Client 483
- Appendix F 484
- Virtual Circuit Topology 484
- Appendix G 486
- Wireless LAN and IEEE 802.11 486
- Appendix H 490
- Wireless LAN With IEEE 802.1x 490
- Appendix I 492
- Types of EAP Authentication 492
- PEAP (Protected EAP) 493
- Appendix J 494
- Recommendation 494
- Connector Type 495
- Appendix K 496
- Registering Your ZyXEL Device 497
- Appendix K 498 498
- 9 Click Continue again 499
- Activating a Service 500
- 501 Appendix K 501
- Appendix L 502
- 503 Appendix L 503
- Appendix L 504 504
- 505 Appendix L 505
- Appendix M 506
- 507 Appendix M 507
- Appendix M 508 508
- 509 Appendix M 509
- Appendix M 510 510
- 511 Appendix M 511
- Appendix M 512 512
- 513 Appendix M 513
- Appendix M 514 514
- 515 Appendix M 515
- Appendix M 516 516
- 517 Appendix M 517
- Appendix M 518 518
- 519 Appendix M 519
- Appendix M 520 520
- 521 Appendix M 521
- Appendix M 522 522
- 523 Appendix M 523
- Appendix M 524 524
- 525 Appendix M 525
- Command Examples 526
- 527 Appendix M 527
- Appendix N 528
- Command Interpreter 528
- 529 Appendix N 529
- Appendix O 530
- Firewall Commands 530
- 531 Appendix O 531
- Appendix P 532
- NetBIOS Filter Commands 532
- NetBIOS Filter Configuration 533
- Appendix P 534 534
- 535 Appendix P 535
- Appendix Q 536
- Brute-Force Password Guessing 536
- Protection 536
- 537 Appendix Q 537
- Appendix R 538
- Boot Commands 538
- 539 Appendix R 539
- Appendix S 540
- Log Descriptions 540
- 541 Appendix S 541
- Table 31 System Error Logs 541
- Appendix S 542 542
- Table 33 TCP Reset Logs 542
- Table 34 Packet Filter Logs 542
- Table 35 ICMP Logs 542
- 543 Appendix S 543
- Table 36 CDR Logs 543
- Table 37 PPP Logs 543
- Appendix S 544 544
- Table 38 UPnP Logs 544
- 545 Appendix S 545
- Table 40 Attack Logs 545
- Appendix S 546 546
- Table 41 IPSec Logs 546
- Table 42 IKE Logs 546
- 547 Appendix S 547
- Appendix S 548 548
- 549 Appendix S 549
- Table 43 802.1X Logs 549
- Appendix S 550 550
- Table 44 ACL Setting Notes 550
- Table 45 ICMP Notes 550
- 551 Appendix S 551
- Table 46 Syslog Logs 551
- Log Commands 552
- Log Command Example 553
Relacionado con productos y manuales para Hardware Zyxel-communications 662HW Series
(66 paginas)
(4 paginas)© 2020, manymanuals.es. Todos los derechos reservados | 0.108 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales