ZyXEL NBG-417N User Guide - Page 120
Table 52, LABEL, DESCRIPTION, Firewall, NBG-417N User's Guide
View all ZyXEL NBG-417N manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 120 highlights
Chapter 12 Firewall Table 52 Security > Firewall > Services LABEL Do not respond to requests for unauthorized services DESCRIPTION Select this option to prevent hackers from finding the NBG-417N by probing for unused ports. If you select this option, the NBG-417N will not respond to port request(s) for unused ports, thus leaving the unused ports and the NBG-417N unseen. By default this option is not selected and the NBG-417N will reply with an ICMP Port Unreachable packet for a port probe on its unused UDP ports, and a TCP Reset packet for a port probe on its unused TCP ports. Apply Reset Note that the probing packets must first traverse the NBG-417N's firewall mechanism before reaching this anti-probing mechanism. Therefore if the firewall mechanism blocks a probing packet, the NBG-417N reacts based on the firewall policy, which by default, is to send a TCP reset packet for a blocked TCP packet. You can use the command "sys firewall tcprst rst [on|off]" to change this policy. When the firewall mechanism blocks a UDP packet, it drops the packet without sending a response packet. Click Apply to save the settings. Click Reset to start configuring this screen again. 120 NBG-417N User's Guide