Addressing
unauthorized accesses
Unauthorized accesses to the Internet can be
divided into several types. The following shows
each type of unauthorized access and measures
to be taken against it.
NOTE
• New unauthorized access methods and security
loopholes (security holes) are constantly being
discovered. We would like you to understand that
there is no completely infallible security measures
that can solve all the problems, and that connecting
to the Internet always involves risk. The functions
included in the product are no exception. Thus, we
strongly recommend that you constantly obtain the
latest information and enhance the security settings
under your own responsibility.
• Please note that Yamaha cannot accept any liability
for any losses or damage resulting from incorrect
use.
1. Intrusions using invalid packets
• The most effective action is disconnecting the
Internet or changing the global IP address.
• Using a packet filtering firewall to block unwanted
packets is also effective to a certain extent.
• It is also considerably effective to use the firewall
software of application gateway type because it
blocks inconsistent packets, or dubious ActiveX
and Java applets from entering PCs. Virus
detection software can be used in combination
with it. In this case, however, you should set up
a firewall server to install the firewall software of
application gateway type.
Measures to be taken in the product
• Enable the auto-disconnect function so that an
assigned dynamic IP address can be changed
each time the product is disconnected/connected.
However, this measure is difficult to implement
when you use the product for the purpose of
having a public server in place. In that case, take
appropriate measures in the server.
• You may be able to block a certain type of attack
by configuring a filter to block specific types of
packets (pages 77 and 80) used for the
attack.
2. Intrusions exploiting security holes
of the operating system or server
software
This type of unauthorized access can be prevented
at a high rate by upgrading the operating system
or server software, configuring proper settings, or
conducting adequate management.
Measures to be taken in the product
• Changing a product setting by malicious third
persons can be prevented by restricting hosts
that can change the product settings (page
100).
• You may be able to block a certain type of attack
by configuring a filter to block specific types of
packets (pages 77 and 80) used for the
attack.
3. Intrusions as e-mail attached files
(computer viruses)
Your PC is infected with a virus by opening an
attached file. Do not open any dubious attached
files, and install virus detection software on PCs
to detect viruses and clean them at an early stage
so that damage can be minimized.
Measures to be taken in the product
• Security enhancement functions included in
the product are not effective against computer
viruses.
• Prepare PC virus detection software separately.
74
FWX120 Operation Manual
4
Enhancing security