Home » Netgear Manuals » Modems » Netgear WGT624SC » Manual Viewer

Netgear WGT624SC WGT624v3 Reference Manual - Page 91

Stateful Packet Inspection, Denial of Service Attack, Ethernet Cabling

Add to My Manuals
Save this manual to your list of manuals

Page 91 highlights

Reference Manual for the 108 Mbps Wireless Firewall Router WGT624 v3 Stateful Packet Inspection Unlike simple Internet sharing routers, a firewall uses a process called stateful packet inspection to ensure secure firewall filtering to protect your network from attacks and intrusions. Since user-level applications such as FTP and web browsers can create complex patterns of network traffic, it is necessary for the firewall to analyze groups of network connection states. Using Stateful Packet Inspection, an incoming packet is intercepted at the network layer and then analyzed for state-related information associated with all network connections. A central cache within the firewall keeps track of the state information associated with all network connections. All traffic passing through the firewall is analyzed against the state of these connections in order to determine whether or not it will be allowed to pass through or rejected. Denial of Service Attack A hacker may be able to prevent your network from operating or communicating by launching a Denial of Service (DoS) attack. The method used for such an attack can be as simple as merely flooding your site with more requests than it can handle. A more sophisticated attack may attempt to exploit some weakness in the operating system used by your router or gateway. Some operating systems can be disrupted by simply sending a packet with incorrect length information. Ethernet Cabling Most Ethernet networks now use unshielded twisted pair (UTP) cabling. UTP cable has eight wires arranged in four twisted pairs, and terminated with an RJ45 connector. Normal straightthrough UTP Ethernet cable follows the EIA568B standard as described in Table B-1. Table B-1. UTP Ethernet cable wiring, straight-through Pin Wire color Signal 1 Orange/White Transmit (Tx) + 2 Orange Transmit (Tx) - 3 Green/White Receive (Rx) + 4 Blue 5 Blue/White 6 Green Receive (Rx) - 7 Brown/White 8 Brown Network, Routing, Firewall, and Basics 202-10090-01, April 2005 B-11

Section	Page
Contents	5
Chapter 1 About This Manual	11
Audience, Scope, Conventions, and Formats	11
How to Use This Manual	12
How to Print this Manual	13
Chapter 2 Introduction	15
Key Features	15
802.11g Wireless Networking	16
A Powerful, True Firewall with Content Filtering	16
Security	17
Autosensing Ethernet Connections with Auto Uplink	17
Extensive Protocol Support	17
Easy Installation and Management	18
Maintenance and Support	19
Package Contents	19
The Router’s Front Panel	20
The Router’s Rear Panel	21
Chapter 3 Configuring the Internet and Wireless Settings	23
Initial Configuration	24
Logging Into Your Router	25
Changing Your Configuration	28
Internet Settings	28
Wireless Settings	32
Chapter 4 Content Filtering	35
Blocking Access to Internet Sites	35
Blocking Access to Internet Services	36
Scheduling When Blocking Will Be Enforced	38
Configuring E-Mail Alert and Web Access Log Notifications	39
Viewing Logs of Web Access or Attempted Web Access	40
Chapter 5 Maintenance	43
Viewing Wireless Router Status Information	43
Viewing a List of Attached Devices	47
Upgrading the Router Software	47
Configuration File Management	49
Restoring and Backing Up the Configuration	49
Erasing the Configuration	50
Changing the Administrator Password	50
Chapter 6 Advanced Configuration	51
Configuring Port Forwarding to Local Servers	51
Adding a Port Forwarding Custom Service	52
Editing or Deleting a Port Forwarding Entry	52
Local Web and FTP Server Example	53
Multiple Computers for Half Life, KALI or Quake III Example	53
Using Port Triggering	54
Port Triggering Rules Menu	55
Adding a new Rule	55
Modifying or Deleting an existing Rule:	56
Rules Status	56
Configuring WAN Setup Options	57
Using a Dynamic DNS Service	59
Using LAN IP Setup Options	61
Using the Router as a DHCP server	62
Using Address Reservation	63
How to Configure Static Routes	65
Enabling Remote Management Access	67
Using Universal Plug and Play (UPnP)	69
Chapter 7 Troubleshooting	71
Basic Functioning	71
Power LED Not On	71
LEDs Never Turn Off	72
Local or Internet Port LEDs Not On	72
Troubleshooting the Web Configuration Interface	73
Troubleshooting the ISP Connection	74
Troubleshooting a TCP/IP Network Using a Ping Utility	75
Testing the LAN Path to Your Router	75
Testing the Path from Your PC to a Remote Device	76
Restoring the Default Configuration and Password	77
Problems with Date and Time	77
Appendix A Technical Specifications	79
Appendix B Network, Routing, Firewall, and Basics	81
Related Publications	81
Basic Router Concepts	81
What is a Router?	81
Routing Information Protocol	82
IP Addresses and the Internet	82
Netmask	84
Subnet Addressing	84
Private IP Addresses	87
Single IP Address Operation Using NAT	87
MAC Addresses and Address Resolution Protocol	88
Related Documents	89
Domain Name Server	89
IP Configuration by DHCP	90
Internet Security and Firewalls	90
What is a Firewall?	90
Stateful Packet Inspection	91
Denial of Service Attack	91
Ethernet Cabling	91
Category 5 Cable Quality	92
Inside Twisted Pair Cables	92
Uplink Switches, Crossover Cables, and MDI/MDIX Switching	94
Appendix C Preparing Your Network	95
Preparing Your Computers for TCP/IP Networking	95
Configuring Windows 95, 98, and Me for TCP/IP Networking	96
Install or Verify Windows Networking Components	96
Enabling DHCP to Automatically Configure TCP/IP Settings	98
Selecting Windows’ Internet Access Method	100
Verifying TCP/IP Properties	100
Configuring Windows NT4, 2000 or XP for IP Networking	101
Install or Verify Windows Networking Components	101
DHCP Configuration of TCP/IP in Windows XP, 2000, or NT4	102
DHCP Configuration of TCP/IP in Windows XP	102
DHCP Configuration of TCP/IP in Windows 2000	104
DHCP Configuration of TCP/IP in Windows NT4	107
Verifying TCP/IP Properties for Windows XP, 2000, and NT4	109
Configuring the Macintosh for TCP/IP Networking	110
MacOS 8.6 or 9.x	110
MacOS X	110
Verifying TCP/IP Properties for Macintosh Computers	111
Verifying the Readiness of Your Internet Account	112
Are Login Protocols Used?	112
What Is Your Configuration Information?	112
Obtaining ISP Configuration Information for Windows Computers	113
Obtaining ISP Configuration Information for Macintosh Computers	114
Restarting the Network	115
Appendix D Wireless Networking Basics	117
Wireless Networking Overview	117
Infrastructure Mode	117
Ad Hoc Mode (Peer-to-Peer Workgroup)	118
Network Name: Extended Service Set Identification (ESSID)	118
Authentication and WEP Data Encryption	118
802.11 Authentication	119
Open System Authentication	119
Shared Key Authentication	120
Overview of WEP Parameters	121
Key Size	122
WEP Configuration Options	123
Wireless Channels	123
WPA and WPA2 Wireless Security	124
How Does WPA Compare to WEP?	125
How Does WPA Compare to WPA2 (IEEE 802.11i)?	126
What are the Key Features of WPA and WPA2 Security?	126
WPA/WPA2 Authentication: Enterprise-level User Authentication via 802.1x/EAP and RADIUS	128
WPA/WPA2 Data Encryption Key Management	130
Is WPA/WPA2 Perfect?	132
Product Support for WPA/WPA2	132
Supporting a Mixture of WPA, WPA2, and WEP Wireless Clients is Discouraged	132
Changes to Wireless Access Points	133
Changes to Wireless Network Adapters	133
Changes to Wireless Client Programs	134

Match case Limit results 1 per page

Reference Manual for the 108 Mbps Wireless Firewall Router WGT624 v3

Network, Routing, Firewall, and Basics

B-11

202-10090-01, April 2005

Stateful Packet Inspection

Unlike simple Internet sharing routers, a firewall uses a process called stateful packet inspection to

ensure secure firewall filtering to protect your network from attacks and intrusions. Since

user-level applications such as FTP and web browsers can create complex patterns of network

traffic, it is necessary for the firewall to analyze groups of network connection states. Using

Stateful Packet Inspection, an incoming packet is intercepted at the network layer and then

analyzed for state-related information associated with all network connections. A central cache

within the firewall keeps track of the state information associated with all network connections.

All traffic passing through the firewall is analyzed against the state of these connections in order to

determine whether or not it will be allowed to pass through or rejected.

Denial of Service Attack

A hacker may be able to prevent your network from operating or communicating by launching a

Denial of Service (DoS) attack. The method used for such an attack can be as simple as merely

flooding your site with more requests than it can handle. A more sophisticated attack may attempt

to exploit some weakness in the operating system used by your router or gateway. Some operating

systems can be disrupted by simply sending a packet with incorrect length information.

Ethernet Cabling

Most Ethernet networks now use unshielded twisted pair (UTP) cabling. UTP cable has eight

wires arranged in four twisted pairs, and terminated with an RJ45 connector. Normal straight-

through UTP Ethernet cable follows the EIA568B standard as described in

Table B-1

Table B-1.

UTP Ethernet cable wiring, straight-through

Wire color

Signal

Orange/White

Transmit (Tx) +

Orange

Transmit (Tx) -

Green/White

Receive (Rx) +

Blue

Blue/White

Green

Receive (Rx) -

Brown/White

Brown