P-662H/HW-D Series User’s Guide
Chapter 10 Firewalls
175
10.4.2.3 Traceroute
Traceroute is a utility used to determine the path a packet takes between two endpoints.
Sometimes when a packet filter firewall is configured incorrectly an attacker can traceroute
the firewall gaining knowledge of the network topology inside the firewall.
Often, many DoS attacks also employ a technique known as "
IP Spoofing
" as part of their
attack. IP Spoofing may be used to break into systems, to hide the hacker's identity, or to
magnify the effect of the DoS attack. IP Spoofing is a technique used to gain unauthorized
access to computers by tricking a router or firewall into thinking that the communications are
coming from within the trusted network. To engage in IP spoofing, a hacker must modify the
packet headers so that it appears that the packets originate from a trusted host and should be
allowed through the router or firewall. The ZyXEL Device blocks all IP Spoofing attempts.
10.5 Stateful Inspection
With stateful inspection, fields of the packets are compared to packets that are already known
to be trusted. For example, if you access some outside service, the proxy server remembers
things about your original request, like the port number and source and destination addresses.
This “remembering” is called
saving the state.
When the outside system responds to your
request, the firewall compares the received packets with the saved state to determine if they
are allowed in. The ZyXEL Device uses stateful packet inspection to protect the private LAN
from hackers and vandals on the Internet. By default, the ZyXEL Device’s stateful inspection
allows all communications to the Internet that originate from the LAN, and blocks all traffic to
the LAN that originates from the Internet. In summary, stateful inspection:
• Allows all sessions originating from the LAN (local network) to the WAN (Internet).
• Denies all sessions originating from the WAN to the LAN.
Figure 94
Stateful Inspection
Содержание 802.11g ADSL 2+ 4-Port Security Gateway HW-D Series
Страница 1: ...P 662H HW D Series 802 11g ADSL 2 4 Port Security Gateway User s Guide Version 3 40 Edition 1 7 2006 ...
Страница 2: ......
Страница 10: ...P 662H HW D Series User s Guide 10 Customer Support ...
Страница 24: ...P 662H HW D Series User s Guide 24 Table of Contents ...
Страница 32: ...P 662H HW D Series User s Guide 32 List of Figures ...
Страница 38: ...P 662H HW D Series User s Guide 38 List of Tables ...
Страница 64: ...P 662H HW D Series User s Guide 64 Chapter 2 Introducing the Web Configurator ...
Страница 84: ...P 662H HW D Series User s Guide 84 Chapter 4 Bandwidth Management Wizard ...
Страница 108: ...P 662H HW D Series User s Guide 108 Chapter 5 WAN Setup ...
Страница 122: ...P 662H HW D Series User s Guide 122 Chapter 6 LAN Setup ...
Страница 155: ...P 662H HW D Series User s Guide Chapter 8 DMZ 155 Figure 81 DMZ Private and Public Address Example ...
Страница 156: ...P 662H HW D Series User s Guide 156 Chapter 8 DMZ ...
Страница 188: ...P 662H HW D Series User s Guide 188 Chapter 11 Firewall Configuration Figure 97 Firewall Edit Rule ...
Страница 202: ...P 662H HW D Series User s Guide 202 Chapter 11 Firewall Configuration ...
Страница 210: ...P 662H HW D Series User s Guide 210 Chapter 12 Anti Virus Packet Scan ...
Страница 214: ...P 662H HW D Series User s Guide 214 Chapter 13 Content Filtering ...
Страница 232: ...P 662H HW D Series User s Guide 232 Chapter 14 Content Access Control ...
Страница 238: ...P 662H HW D Series User s Guide 238 Chapter 15 Introduction to IPSec ...
Страница 273: ...P 662H HW D Series User s Guide Chapter 17 Certificates 273 Figure 144 My Certificate Details ...
Страница 284: ...P 662H HW D Series User s Guide 284 Chapter 17 Certificates Figure 152 Trusted Remote Host Details ...
Страница 292: ...P 662H HW D Series User s Guide 292 Chapter 18 Static Route ...
Страница 303: ...P 662H HW D Series User s Guide Chapter 19 Bandwidth Management 303 Figure 162 Bandwidth Management Monitor ...
Страница 304: ...P 662H HW D Series User s Guide 304 Chapter 19 Bandwidth Management ...
Страница 308: ...P 662H HW D Series User s Guide 308 Chapter 20 Dynamic DNS Setup ...
Страница 332: ...P 662H HW D Series User s Guide 332 Chapter 22 Universal Plug and Play UPnP ...
Страница 338: ...P 662H HW D Series User s Guide 338 Chapter 23 System ...
Страница 344: ...P 662H HW D Series User s Guide 344 Chapter 24 Logs ...
Страница 350: ...P 662H HW D Series User s Guide 350 Chapter 25 Tools ...
Страница 363: ...P 662H HW D Series User s Guide Chapter 27 Troubleshooting 363 Figure 213 Security Setting ActiveX Controls ...
Страница 364: ...P 662H HW D Series User s Guide 364 Chapter 27 Troubleshooting ...
Страница 368: ...P 662H HW D Series User s Guide 368 Product Specifications ...
Страница 372: ...P 662H HW D Series User s Guide 372 Appendix C Wall mounting Instructions ...
Страница 408: ...P 662H HW D Series User s Guide 408 Appendix F Wireless LANs ...
Страница 420: ...P 662H HW D Series User s Guide 420 Appendix H Command Interpreter ...
Страница 436: ...P 662H HW D Series User s Guide 436 Appendix L NetBIOS Filter Commands ...
Страница 462: ...P 662H HW D Series User s Guide 462 Appendix M Internal SPTGEN ...
Страница 484: ...P 662H HW D Series User s Guide 484 Appendix P Triangle Route ...