BEC 7300N Скачать руководство пользователя страница 84

Страница: 84 / 117

For SYN Flood, ICMP Echo Storm and ICMP flood, IDS will just warn the user in the Event

Log but it will not be able to protect against such attacks.

Hacker attack types recognized by the IDS

Intrusion Name

Detect Parameter Blacklist

Type of Block
Duration

Drop Packet Show Log

Ascend Kill

Ascend Kill data

Src IP

DoS

Yes

WinNuke

TCP
Port 135, 137~139,
Flag: URG

Src IP

DoS

Yes

Smurf

ICMP type 8
Des IP is broadcast

Dst IP

Victim
Protection

Yes

Land attack

SrcIP = DstIP

Yes

Echo/CharGen Scan

UDP Echo Port and
CharGen Port

Yes

Echo Scan

UDP Dst Port =
Echo(7)

Src IP

Scan

Yes

CharGen Scan

UDP Dst Port =
CharGen(19)

Src IP

Scan

Yes

X’mas Tree Scan

TCP Flag: X’mas

Src IP

Scan

Yes

IMAP
SYN/FIN Scan

TCP Flag: SYN/FIN
DstPort: IMAP(143)
SrcPort: 0 or 65535

Src IP

Scan

Yes

SYN/FIN/RST/ACK
Scan

TCP,
No Existing session
And Scan Hosts
more than five.

Src IP

Scan

Yes

Net Bus Scan

TCP
No Existing session
DstPort = Net Bus
12345,12346, 3456

SrcIP

Scan

Yes

Back Orifice Scan

UDP,

DstPort

Orifice Port (31337)

SrcIP

Scan

Yes

SYN Flood

Max

TCP

Open

Handshaking Count
(Default 100 c/sec)

Yes

ICMP Flood

Max ICMP Count
(Default 100 c/sec)

Yes

ICMP Echo

Max PING Count
(Default 15 c/sec)

Yes

Содержание 7300N

Страница 1: ...Last revision 03 10 2008 BEC 7300N 802 11 draft ADSL2 Firewall Router User Manual...

Страница 2: ...tion from your ISP 22 3 5 Configuring with your BEC 7300N 22 Chapter 4 27 4 1 Status 28 4 2 Quick Start 29 4 3 WAN 30 4 4 WLAN 31 Chapter 5 34 5 1 Status 35 5 1 1 ADSL Status 37 5 1 2 ARP Table 38 5 1...

Страница 3: ...3 5 5 Restart 114 5 6 Logout 115 Chapter 6 116...

Страница 4: ...al time audio much easier and faster than ever before The BEC 7300N supports PPPoA RFC 2364 PPP Point to Point Protocol over ATM Adaptation Layer 5 RFC 1483 encapsulation over ATM bridged or routed PP...

Страница 5: ...dynamically assigned IP address from the DHCP server and reboot Each time a local machine is powered up the router recognizes it and assigns an IP address to instantly connect it to the LAN For advanc...

Страница 6: ...0 Mbps 802 11n data rate it also interoperates backward with existing 802 11g and 802 11b equipment The Wireless Protected Access WPA and Wireless Encryption Protocol WEP supported features enhance th...

Страница 7: ...ccess from the Internet like Telnet FTP TFTP WEB SNMP and IGMP Domain Name System Relay Domain Name System DNS relay provides an easy way to map a domain name with a user friendly name such as www goo...

Страница 8: ...u can assign a PC in a LAN to act as a Web server inside and expose it to the outside network Outside users can browse inside the web server directly while it is protected by NAT A DMZ host setting is...

Страница 9: ...9 1 3 Applications of the BEC 7300N...

Страница 10: ...uter lets you access your network using a wireless connection from virtually anywhere within its operating range Keep in mind however that the number thickness and location of walls ceilings or other...

Страница 11: ...e surface Only use the power adapter that comes with the package Using a different voltage rating power adaptor may damage the router Attention Do not use the BEC 7300N in high humidity or high temper...

Страница 12: ...progress 4 Wireless Lit green when the wireless connection is established Flashes when sending receiving data 5 Ethernet Port 1 4 Lit when connected to an Ethernet device Green for 100Mbps Orange for...

Страница 13: ...are upgrade flash 2 Recovery procedures for a lost web interface password 3 WPS Push WPS button to trigger Wi Fi Protected Setup function 4 Ethernet Connect a UTP Ethernet cable Cat 5 or Cat 5e to one...

Страница 14: ...a failed firmware upgrade flash Hold the Reset Button on the back of the modem in Keep this button held in and turn on the modem Once the lights on the modem have stopped flashing release the Reset Bu...

Страница 15: ...router e g telephones fax machines analog modems have a line filter connected between them and the wall socket unless you are using a Central Splitter or Central Filter installed by a qualified and l...

Страница 16: ...253 The easiest way is to configure the PC is to obtain an IP address automatically from the router using DHCP If you encounter any problems accessing the router s web interface you are advised to uni...

Страница 17: ...Select the Obtain an IP address automatically and the Obtain DNS server address automatically radio buttons 6 Click OK to finish the configuration Configuring a PC in Windows 2000 1 Go to Start Settin...

Страница 18: ...automatically and the Obtain DNS server address automatically radio buttons 6 Click OK to finish the configuration Configuring PC in Windows 98 Me 1 Go to Start Settings Control Panel In the Control P...

Страница 19: ...Configuration tab 5 Select the Disable DNS radio button and click OK to finish the configuration Configuring PC in Windows NT4 0 1 Go to Start Settings Control Panel In the Control Panel double click...

Страница 20: ...and Password Username admin Password admin The default username and password are admin and admin respectively Attention If you ever forget the username password to login to the router you may press t...

Страница 21: ...and WAN ports are preset at the factory The default values are shown below LAN Port WAN Port IP address 192 168 1 254 Subnet Mask 255 255 255 0 DHCP server function Enabled in ports 1 2 3 and 4 IP ad...

Страница 22: ...automatically assigned by your ISP when you connect or be set manually RFC1483 Bridged VPI VCI VC based LLC based multiplexing to use Bridged Mode RFC1483 Routed VPI VCI VC based LLC based multiplexin...

Страница 23: ...you to complete the basic network configuration 1 Click continue 2 Choose Auto or Manually to scan ADSL information 3 Show Auto scan result Protocol information 4 Please enter Username and Password as...

Страница 24: ...vice to be configured 6 You ve have completed the WAN port setup and now click Next to Wireless to proceed to the wireless configuration 7 Please configure the Wireless LAN setting and click Continue...

Страница 25: ...25 9 Congratulations You ve completed the setup procedure and you are now ready to surf the Internet enjoy...

Страница 26: ...he IP address of your router which by default is 192 168 1 254 and click Go a user name and password window prompt appears The default username and password are admin and admin Congratulations You hav...

Страница 27: ...300N Router via your web browser you can begin to set it up according to your requirements On the configuration homepage the left navigation pane links you directly to the setup pages which include Ad...

Страница 28: ...us User can look up to see if they are connected to Ethernet ADSL or Wireless WAN Port Name of the WAN connection Protocol VPI VCI Virtual Path Identifier and Virtual Channel Identifier Operation Curr...

Страница 29: ...e to the AP which is already built in to the router s wireless interface It is case sensitive and must not excess 32 characters Make sure your wireless clients have exactly the ESSID as the device in...

Страница 30: ...ur ISP You can input up to 128 alphanumeric characters case sensitive Service Name This item is for identification purposes If it is required your ISP provides you the information Maximum input is 15...

Страница 31: ...ESSID It is function in which transmits its ESSID to the air so that when wireless client searches for a network router can then be discovered and recognized Default setting is Disable Enable Select...

Страница 32: ...etween 8 and 63 characters Group Key Renewal The period of renewal time for changing the security key between wireless client and Access Point AP This process is done automatically WPA2 Pre Shared Key...

Страница 33: ...ically based upon the input string and a pre defined algorithm in WEP64 or WEP128 You can input the same string in both the AP and Client card settings to generate the same WEP keys Please note that y...

Страница 34: ...ge the left navigation pane links you directly to the setup pages which include Basic Switch to Basic Configuration Mode Status ADSL Status ARP Table DHCP Table System Log Firewall Log UPnP Portmap Qu...

Страница 35: ...35 5 1 Status Device Information Host Name Provide a name for the router for identification purposes Host Name lets you change the router name...

Страница 36: ...of the WAN connection Protocol VPI VCI Virtual Path Identifier and Virtual Channel Identifier Operation Current available operation Connection The current connection status IP Address WAN port IP addr...

Страница 37: ...rgin Downstream This is noise margin in downstream Line Attenuation Upstream This is attenuation of signal in upstream Line Attenuation Downstream This is attenuation of signal in downstream ADSL Mode...

Страница 38: ...s Firewall MAC Address Filter function See the Firewall section of this manual for more information on this feature IP Address It is IP Address of internal host that join this network MAC Address The...

Страница 39: ...plays log information of any unexpected action with your firewall settings This page displays the router s Firewall Log entries The log shows log entries when you have enabled Intrusion Detection or B...

Страница 40: ...PnP Portmap The section lists all port mapping established using UPnP Universal Plug and Play Please see the Advanced section of this manual for more details on UPnP and the router s UPnP configuratio...

Страница 41: ...rent value of VPI VCI in the device IP address To show current value of IP address in the device EWAN Click on Continue to choose the Protocol to connect with EWAN or click Jump to Wireless Setting to...

Страница 42: ...n automatically obtain an IP address subnet mask gateway address and DNS server addresses if the ISP assigns this information via DHCP Protocol The current ATM protocol in the device Click on the Cont...

Страница 43: ...IP address if it is not in this format Protocol The current ATM protocol in the device IP Address Your WAN IP address Leave this at 0 0 0 0 to automatically obtain an IP address from your ISP Netmask...

Страница 44: ...ispname instead of simply username Password Enter the password provided by your ISP You can input up to 128 alphanumeric characters case sensitive Service Name Enter a name for this connection IP Addr...

Страница 45: ...AP which is already built in to the router s wireless interface It is case sensitive and must not excess 32 characters Make sure your wireless clients have exactly the ESSID as the device in order to...

Страница 46: ...is limited to the immediate area usually the same building or floor of a building There are six items within the LAN section Ethernet IP Alias Wireless Wireless Security WPS and DHCP Server 5 3 1 1 E...

Страница 47: ...two or more local networks to the ISP or remote node In this case an internal router is not required IP Address Specify an IP address on this virtual interface Netmask Specify a subnet mask on this v...

Страница 48: ...uter Disable When Disable is selected you can allow anybody with a wireless client to be able to locate the Access Point AP of your router Regulation Domain There are seven Regulation Domains for you...

Страница 49: ...is Disable Check Enable radio button to activate this function 1 Peer WDS MAC Address It is the associated AP s MAC Address It is important that your peer s AP must include your MAC address in order...

Страница 50: ...p Key Renewal The period of renewal time for changing the security key automatically between wireless client and Access Point AP WPA2 Pre Shared Key WPA2 Algorithms TKIP Temporal Key Integrity Protoco...

Страница 51: ...d Client card settings to generate the same WEP keys Please note that you do not have to enter Key 1 4 as below when the Passphrase is enabled Key 1 4 Enter the key to encrypt wireless data To allow e...

Страница 52: ...1 Note down the AP s PIN from Web Ex 78749887 Step 2 Open wireless client s WPS utility Ex Atheros Jumpstart WPS utility select Configure a wireless network and apply next button Step 3 Enter AP s PI...

Страница 53: ...to do it Push AP s WPS button 1 second and release it Or In the AP s WPS configuration page change Role to Enrollee and apply Start button Step 5 Jumpstart WPS utility search WPS AP Step 6 SSID and se...

Страница 54: ...54 Step 7 WPS set up complete And you have set up security enabled Wi Fi networks...

Страница 55: ...PIN from Web Ex 78749887 Step 2 Set WPS State to Unconfigured at Wireless page and click Apply Step 3 In Vista s Control Panel select Network and Internet and choose View network computers and device...

Страница 56: ...56 Step 4 Enter the AP SSID and apply Next button...

Страница 57: ...57 Step 5 Enter the Passphrase and apply Next button Step 6 WCN set up complete And you have set up security enabled Wi Fi networks...

Страница 58: ...econd and you will see AP s WLAN led will flashing per second Step 2 Open wireless client s WPS utility select Join a wireless network and apply next button Note After you push AP s WPS button below s...

Страница 59: ...w WPS device have join into the wireless network Adding a new WPS device wireless client to a network Use PIN Method Step 1 Open wireless client s WPS utility select Join a wireless network and apply...

Страница 60: ...tep 2 Note down the wireless client s PIN Ex 41538142 and apply Start button for active wireless client WPS PIN method Step 3 Enter wireless client s PIN into Enrollee s PIN of Web and apply Start but...

Страница 61: ...server or enable the router s DHCP relay functions The DHCP protocol allows your router to dynamically assign IP addresses to PCs on your network if they are configured to obtain IP addresses automati...

Страница 62: ...lient i e your PC when it requests an IP address from the DHCP server Click Apply to enable this function If you check Use Router as a DNS Server the ADSL Router performs the domain name lookup finds...

Страница 63: ...63 5 3 2 WAN Wide Area Network A WAN Wide Area Network is an outside connection to another network or the Internet There are two items within the WAN section WAN Profile and ADSL Mode...

Страница 64: ...e This is in the format of username ispname instead of simply username Password Enter the password provided by your ISP You can input up to 128 alphanumeric characters case sensitive Service Name This...

Страница 65: ...when a program on your computer attempts to access the Internet In this mode you must set Idle Timeout value at same time Idle Timeout Auto disconnect the broadband firewall gateway when there is no a...

Страница 66: ...use Chap or Pap Obtain DNS Automatically Select this check box to use DNS Primary DNS Secondary DNS Enter the IP addresses of the DNS servers The DNS servers are passed to the DHCP clients along with...

Страница 67: ...g the single IP address If users on your LAN have public IP addresses and can access the Internet directly the NAT function can be disabled IP Address Your WAN IP address Leave this at 0 0 0 0 to auto...

Страница 68: ...dge Connections ADSL Description A user definable name for this connection VPI VCI Enter the VPI and VCI information provided by your ISP Encap method Select the encapsulation format this is provided...

Страница 69: ...f your connection in kilobytes per second The connection speed is used by QoS settings NAT The NAT Network Address Translation feature allows multiple users to access the Internet through a single ISP...

Страница 70: ...rs on your LAN have public IP addresses and can access the Internet directly the NAT function can be disabled IP Address Your WAN IP address Leave this at 0 0 0 0 to automatically obtain an IP address...

Страница 71: ...s multiple users to access the Internet through a single IP account sharing a single IP address If users on your LAN have public IP addresses and can access the Internet directly the NAT function can...

Страница 72: ...s Open Annex Type and Follow DSLAM s Setting Annex A Annex L Annex M and Annex J that user can select for this connection Modulator There are seven modes AUTO ADSL multimode ADSL2 ADSL2 G Lite T1 413...

Страница 73: ...73 5 3 3 System There are five items within the System section Time Zone Firmware Upgrade Backup Restore Restart User Management and Mail Alert...

Страница 74: ...ime from the SNTP server you have specified If you prefer to specify an SNTP server other than those in the drop down list simply enter its IP address as shown above Your ISP may provide an SNTP serve...

Страница 75: ...select the new firmware image file you have downloaded to your PC Once the correct file is selected click Upgrade to update the firmware in your router Restart Device with To choose Factory Default S...

Страница 76: ...your router s configuration Press Backup to select where on your local PC to save the settings file You may also change the name of the file when saving if you wish to keep multiple backups Press Bro...

Страница 77: ...d You can set up multiple user accounts each with their own password You are able to Edit existing users and Add new users who are able to access the device s configuration interface Once you have cli...

Страница 78: ...ission 5 3 4 Firewall Firewall and Access Control Your router includes a full SPI Stateful Packet Inspection firewall for controlling Internet access from your LAN as well as helping to prevent attack...

Страница 79: ...for a hacker to target a machine on your network This natural firewall is on when the NAT function is enabled Firewall Security and Policy General Settings Inbound direction of Packet Filter rules pr...

Страница 80: ...users IP address from Internet access or you can disable specific service requests Port number to from Internet This configuration program allows you to set up to 6 different filter rules for differen...

Страница 81: ...Forward allows the packets to pass or Drop disallow the packets to pass this packet Internal Port This Port or Port Range defines the ports allowed to be used by the Remote WAN to connect to the appl...

Страница 82: ...o manage Time Schedule It is self defined time period You may specify a time schedule for your prioritization policy For setup and detail refer to Time Schedule section If the DHCP server option is en...

Страница 83: ...ble if you wish to detect intruders accessing your computer without permission Maximum TCP Open Handshaking Count This is a threshold value to decide whether a SYN Flood attempt is occurring or not De...

Страница 84: ...an UDP Echo Port and CharGen Port Yes Yes Echo Scan UDP Dst Port Echo 7 Src IP Scan Yes Yes CharGen Scan UDP Dst Port CharGen 19 Src IP Scan Yes Yes X mas Tree Scan TCP Flag X mas Src IP Scan Yes Yes...

Страница 85: ...keywords are present in URLs accessed to determine if the connection attempt should be blocked Note that the URL Dst Port Destination Port Dst IP Destination IP Check Enable if you wish to exclude out...

Страница 86: ...e URL to determine if it is in the trusted list If yes the connection attempt is sent to the remote web server 2 If not it is checked with the forbidden list If present the connection attempt is dropp...

Страница 87: ...ies Blocks Cookies Block Proxy Blocks Proxy Except IP Address Time Schedule It is self defined time period You may specify a time schedule for your prioritization policy For setup and detail refer to...

Страница 88: ...consumption data like gaming packets latency sensitive application like voice or even mission critical files move through the router at lightning speed even under heavy load You can throttle the speed...

Страница 89: ...he connection maybe either issued from LAN to WAN or WAN to LAN Protocol The Protocol will be controlled For GRE protocol there is no need to specify the IP addresses or Application ports in this page...

Страница 90: ...of 256K and limit to it you may use this type Guaranteed Minimum specify a minimal data rate for this policy For example you want to provide a guaranteed data rate for your outside customers to acces...

Страница 91: ...or IP packets from LAN to WAN it is the source IP address For IP packages from WAN to LAN it is the destination IP address Internal Port The Application port values for local LAN machines you want to...

Страница 92: ...ority for non used bandwidth with DSCP marking Class 1 Gold Service Always FTP Sever 192 168 1 100 Incoming and Outgoing outgoing minimal 30 Data rate incoming minimal 30 Data rate Both with low prior...

Страница 93: ...plication Voice is latency sensitive application Most VoIP devices are used SIP protocol and the port number will be assigned by SIP module automatically Better to use fixed IP address for catching Vo...

Страница 94: ...slation then you need to configure your router to forward these incoming connection attempts using specific ports to the PC on your network running the application You also need to use port forwarding...

Страница 95: ...P UDP SSH Remote Login Protocol 23 TCP Telnet 25 TCP SMTP Simple Mail Transfer Protocol 53 TCP UDP DNS Domain Name Server 69 UDP TFTP Trivial File Transfer Protocol 80 TCP World Wide Web HTTP 110 TCP...

Страница 96: ...as all incoming connection attempts point to your router unless you specifically create Virtual Server entries to forward those ports to a PC on your network When your router needs to allow outside us...

Страница 97: ...protocol to all causes all incoming connection attempts using all protocols on all port numbers to be forwarded to the specified IP address 5 3 6 2 DMZ DMZ The DMZ Host is a local computer exposed to...

Страница 98: ...erver function becomes invalid 2 If the DHCP server option is enabled you have to be very careful in assigning the IP addresses of the virtual servers in order to avoid conflicts The easiest way of co...

Страница 99: ...Sunday through Saturday You may specify the days for the schedule to be applied Start Time The default is set at 8 00 AM You may specify the start time of the schedule End Time The default is set at...

Страница 100: ...the more advanced features of the router Users who do not understand the features should not attempt to reconfigure their router unless advised to do so by support staff There are seven items within...

Страница 101: ...DNS The Dynamic DNS function lets you alias a dynamic IP address to a static hostname so if your ISP does not assign you a static IP address you can still use a domain name This is especially useful f...

Страница 102: ...Password Enter your registered domain name and your username and password for this service Period Set the time period between updates for the Router to exchange information with the DDNS server In ad...

Страница 103: ...al Plug and Play UPnP UPnP offers peer to peer network connectivity for PCs and other network devices along with control and data transfer between devices UPnP offers many advantages for users running...

Страница 104: ...e the port Installing UPnP in Windows Example Follow the steps below to install the UPnP in Windows Me Step 1 Click Start and Control Panel Double click Add Remove Programs Step 2 Click on the Windows...

Страница 105: ...ies window Click Next Step 5 Restart the computer when prompted Follow the steps below to install the UPnP in Windows XP Step 1 Click Start and Control Panel Step 2 Double click Network Connections St...

Страница 106: ...in the Components selection box and click Details Step 5 In the Networking Services window select the Universal Plug and Play check box Step 6 Click OK to go back to the Windows Optional Networking Co...

Страница 107: ...rt and Control Panel Double click Network Connections An icon displays under Internet Gateway Step 2 Right click the icon and select Properties Step 3 In the Internet Connection Properties window clic...

Страница 108: ...a when connected option and click OK An icon displays in the system tray Step 6 Double click on the icon to display your current Internet connection status Step 4 You may edit or delete the port mappi...

Страница 109: ...Step 1 Click Start and then Control Panel Step 2 Double click Network Connections Step 3 Select My Network Places under Other Places Step 4 An icon describing each UPnP enabled device shows under Loc...

Страница 110: ...3 8 6 SNMP Access Control Software on a PC within the LAN is required in order to utilize this function Simple Network Management Protocol SNMP V1 and V2 Read Community Specify a name to be identified...

Страница 111: ...rom identified IP address Once the authentication has succeeded users from this IP address will be able to view and modify the data SNMP Version SNMPV2c and SNMPv3 SNMPv2c is the combination of the en...

Страница 112: ...d as spanning tree From RFC 1471 PPP LCP MIB pppLink group pppLqr group From RFC 1472 PPP Security MIB PPP Security Group From RFC 1473 PPP IP MIB PPP IP Group From RFC 1474 PPP Bridge MIB PPP Bridge...

Страница 113: ...t Duration Set how many minutes to allow management access from remote side Zero means always on Allowed Access IP Address Range Valid Select Valid to allow remote management from these IP ranges IP A...

Страница 114: ...ck Save Config and click Apply to write your new configuration to FLASH 5 5 Restart Click Restart with option Current Settings to reboot your router and restore your last saved configuration If you wi...

Страница 115: ...b pages at a time Once a PC has logged into the web interface other PCs cannot get access until the current PC has logged out of the web interface If the previous PC forgets to logout the second PC ca...

Страница 116: ...een the adapter and the router If the error persists you may have a hardware problem In this case you should contact technical support Problems with the WAN Interface Problem Corrective Action Initial...

Страница 117: ...stalled the wrong way around can cause problems with your ADSL connection including causing frequent disconnections If you have a back to base alarm system you should contact your security provider fo...

Результаты поиска

Содержание 7300N

Отзывы:

Бренды по названию

Популярные бренды

BEC 7300N, Руководство пользователя

Результаты поиска

Содержание 7300N

Отзывы:

Бренды по названию

Популярные бренды