ZyXEL NBG334W User Guide - Page 132
Firewall, NBG334W User's Guide, Security > Firewall > Services
View all ZyXEL NBG334W manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 132 highlights
Chapter 12 Firewall Table 51 Security > Firewall > Services LABEL DESCRIPTION Do not respond to requests for unauthorized services Select this option to prevent hackers from finding the NBG334W by probing for unused ports. If you select this option, the NBG334W will not respond to port request(s) for unused ports, thus leaving the unused ports and the NBG334W unseen. By default this option is not selected and the NBG334W will reply with an ICMP Port Unreachable packet for a port probe on its unused UDP ports, and a TCP Reset packet for a port probe on its unused TCP ports. Note that the probing packets must first traverse the NBG334W's firewall mechanism before reaching this anti-probing mechanism. Therefore if the firewall mechanism blocks a probing packet, the NBG334W reacts based on the firewall policy, which by default, is to send a TCP reset packet for a blocked TCP packet. You can use the command "sys firewall tcprst rst [on|off]" to change this policy. When the firewall mechanism blocks a UDP packet, it drops the packet without sending a response packet. Service Setup Enable Services Select this check box to enable this feature. Blocking Available Services This is a list of pre-defined services (ports) you may prohibit your LAN computers from using. Select the port you want to block using the drop-down list and click Add to add the port to the Blocked Services field. Blocked Services This is a list of services (ports) that will be inaccessible to computers on your LAN once you enable service blocking. Custom Port A custom port is a service that is not available in the pre-defined Available Services list and you must define using the next two fields. Type Choose the IP port (TCP or UDP) that defines your customized port from the drop down list box. Port Number Enter the port number range that defines the service. For example, if you want to define the Gnutella service, then select TCP type and enter a port range from 6345 to 6349. Add Select a service from the Available Services drop-down list and then click Add to add a service to the Blocked Services Delete Select a service from the Blocked Services list and then click Delete to remove this service from the list. Clear All Click Clear All to empty the Blocked Services. Schedule to Block Day to Block: Select a check box to configure which days of the week (or everyday) you want service blocking to be active. Time of Day to Block (24-Hour Format) Select the time of day you want service blocking to take effect. Configure blocking to take effect all day by selecting All Day. You can also configure specific times by selecting From and entering the start time in the Start (hour) and Start (min) fields and the end time in the End (hour) and End (min) fields. Enter times in 24hour format, for example, "3:00pm" should be entered as "15:00". Misc setting Bypass Triangle Select this check box to have the NBG334W firewall ignore the use of triangle Route route topology on the network. Max NAT/Firewall Type a number ranging from 1 to 2048 to limit the number of NAT/firewall sessions Session Per User that a host can create. Apply Click Apply to save the settings. Reset Click Reset to start configuring this screen again. 132 NBG334W User's Guide