78
Appendix A: Firewall
Stateful Packet Inspection
Refers to an architecture, where the firewall keeps track of packets on each
connection traversing all its interfaces and makes sure they are valid. This is in
contrast to static packet filtering which only examines a packet based on the
information in the packet header.
Denial of Service attack
Is an incident in which a user or organization is deprived of the services of a
resource they would normally expect to have.
Various DoS attacks the device can withstand are: ARP Attack, Ping Attack, Ping
of Death, Land, SYN Attack, Smurf Attack and Tear Drop.
TCP/IP/Port/Interface Filter
These rules help in the filtering of traffic at the Network layer i.e. Layer 3.
When a Routing interface is created "Enable Firewall" must be checked.
Navigate to Advanced Setup -> Security -> IP Filtering.
Outgoing IP Filter
Helps in setting rules to DROP packets from the LAN interface. By default if
Firewall is Enabled all IP traffic from LAN is allowed. By setting up one or more
filters, particular packet types coming from the LAN can be dropped.
Filter Name:
User defined Filter Name.
Protocol:
Can take on any values from: TCP/UDP, TCP, UDP or ICMP
Source IP Address/Source Subnet Mask:
Packets with the particular
"Source IP Address/Source Subnet Mask" combination will be dropped.
Source Port:
This can take on either a single port number or a range of
port numbers. Packets having a source port equal to this value or falling
within the range of port numbers(portX : portY) will be dropped.
Destination IP Address/Destination Subnet Mask:
Packets with the
particular "Destination IP Address/Destination Subnet Mask" combination
will be dropped.
Destination Port:
This can take on either a single port number or a range
of port numbers. Packets having a destination port equal to this value or
falling within the range of port numbers(portX : portY) will be dropped.
Examples:
1.
Filter Name
: Out_Filter1
Protocol :
TCP
Source
Address
:
192.168.1.45
Source
Subnet
Mask
:
255.255.255.0
Source
Port
:
80
Destination
Address
:
NA
Destination Subnet Mask
: NA
Destination
Port
:
NA
Summary of Contents for CT-820C
Page 1: ...CT 820C VoIP Gateway User s Manual Version A2 0 December 26 2007 261053 034 ...
Page 6: ...5 1 2 Application The following diagram depicts the application of the CT 820C ...
Page 12: ...11 ...
Page 19: ...18 4 4 ARP Click ARP to display the ARP information ...
Page 20: ...19 4 5 DHCP Click DHCP to display the DHCP Leases information ...