Home » ZyXEL Manuals » Networking » ZyXEL P-660H-T1 v2 » Manual Viewer

ZyXEL P-660H-T1 v2 User Guide - Page 113

Denial of Service

Get ZyXEL P-660H-T1 v2 PDF manuals and user guides

Add to My Manuals
Save this manual to your list of manuals

Page 113 highlights

8.3.1 Denial of Service Attacks Figure 58 Firewall Application Chapter 8 Firewalls 8.4 Denial of Service Denials of Service (DoS) attacks are aimed at devices and networks with a connection to the Internet. Their goal is not to steal information, but to disable a device or network so users no longer have access to network resources. The ZyXEL Device is pre-configured to automatically detect and thwart all known DoS attacks. 8.4.1 Basics Computers share information over the Internet using a common language called TCP/IP. TCP/ IP, in turn, is a set of application protocols that perform specific functions. An "extension number", called the "TCP port" or "UDP port" identifies these protocols, such as HTTP (Web), FTP (File Transfer Protocol), POP3 (E-mail), etc. For example, Web traffic by default uses TCP port 80. When computers communicate on the Internet, they are using the client/server model, where the server "listens" on a specific TCP/UDP port for information requests from remote client computers on the network. For example, a Web server typically listens on port 80. Please note that while a computer may be intended for use over a single port, such as Web on port 80, other ports are also active. If the person configuring or managing the computer is not careful, a hacker could attack it over an unprotected port. Some of the most common IP ports are: Table 34 Common IP Ports 21 FTP 53 DNS 23 Telnet 80 HTTP 25 SMTP 110 POP3 P-660H-Tx v2 User's Guide 113

Section	Page
User’s Guide	1
About This User's Guide	3
Document Conventions	4
Safety Warnings	6
Contents Overview	9
Table of Contents	11
List of Figures	19
List of Tables	25
Introduction	29
Introducing the ZyXEL Device	31
1.1 Overview	31
1.2 Ways to Manage the ZyXEL Device	32
1.3 Good Habits for Managing the ZyXEL Device	33
1.4 LEDs	33
1.5 Splitters and Microfilters	34
1.5.1 Connecting a POTS Splitter	34
1.5.2 Telephone Microfilters	35
1.6 Hardware Connections	35
Introducing the Web Configurator	37
2.1 Web Configurator Overview	37
2.2 Accessing the Web Configurator	37
2.2.1 User Access	38
2.2.2 Administrator Access	38
2.3 Resetting the ZyXEL Device	40
2.3.1 Using the Reset Button	40
2.4 Navigating the Web Configurator	40
2.4.1 Navigation Panel	40
2.4.2 Status Screen	43
2.4.3 Status: Any IP Table	45
2.4.4 Status: Bandwidth Status	46
2.4.5 Status: Packet Statistics	47
2.4.6 Changing Login Password	48
Wizards	49
Wizard Setup for Internet Access	51
3.1 Introduction	51
3.2 Internet Access Wizard Setup	51
3.2.1 Automatic Detection	53
3.2.2 Manual Configuration	53
Bandwidth Management Wizard	59
4.1 Introduction	59
4.2 Predefined Media Bandwidth Management Services	59
4.3 Bandwidth Management Wizard Setup	60
Network	65
WAN Setup	67
5.1 WAN Overview	67
5.1.1 Encapsulation	67
5.1.2 Multiplexing	68
5.1.3 Encapsulation and Multiplexing Scenarios	68
5.1.4 VPI and VCI	69
5.1.5 IP Address Assignment	69
5.1.6 Nailed-Up Connection (PPP)	69
5.1.7 NAT	70
5.2 Metric	70
5.3 Traffic Shaping	70
5.3.1 ATM Traffic Classes	71
5.4 Zero Configuration Internet Access	72
5.5 Internet Connection	72
5.5.1 Configuring Advanced Internet Connection Setup	74
5.6 Configuring More Connections	76
5.6.1 More Connections Edit	77
5.6.2 Configuring More Connections Advanced Setup	80
5.7 Traffic Redirect	81
5.8 Configuring WAN Backup	82
LAN Setup	85
6.1 LAN Overview	85
6.1.1 LANs, WANs and the ZyXEL Device	85
6.1.2 DHCP Setup	86
6.1.3 DNS Server Address	86
6.2 LAN TCP/IP	86
6.2.1 IP Address and Subnet Mask	86
6.2.2 RIP Setup	88
6.2.3 Multicast	88
6.2.4 Any IP	89
6.3 Configuring LAN IP	90
6.3.1 Configuring Advanced LAN Setup	91
6.4 DHCP Setup	92
6.5 LAN Client List	93
6.6 LAN IP Alias	94
Network Address Translation (NAT) Screens	97
7.1 NAT Overview	97
7.1.1 NAT Definitions	97
7.1.2 What NAT Does	98
7.1.3 How NAT Works	98
7.1.4 NAT Application	98
7.1.5 NAT Mapping Types	99
7.2 SUA (Single User Account) Versus NAT	100
7.3 SIP ALG	100
7.4 NAT General Setup	101
7.5 Port Forwarding	102
7.5.1 Default Server IP Address	102
7.5.2 Port Forwarding: Services and Port Numbers	102
7.5.3 Configuring Servers Behind Port Forwarding (Example)	103
7.6 Configuring Port Forwarding	103
7.6.1 Port Forwarding Rule Edit	104
7.7 Address Mapping	105
7.7.1 Address Mapping Rule Edit	107
Security	109
Firewalls	111
8.1 Firewall Overview	111
8.2 Types of Firewalls	111
8.2.1 Packet Filtering Firewalls	111
8.2.2 Application-level Firewalls	112
8.2.3 Stateful Inspection Firewalls	112
8.3 Introduction to ZyXEL’s Firewall	112
8.3.1 Denial of Service Attacks	113
8.4 Denial of Service	113
8.4.1 Basics	113
8.4.2 Types of DoS Attacks	114
8.5 Stateful Inspection	116
8.5.1 Stateful Inspection Process	117
8.5.2 Stateful Inspection and the ZyXEL Device	118
8.5.3 TCP Security	118
8.5.4 UDP/ICMP Security	119
8.5.5 Upper Layer Protocols	119
8.6 Guidelines for Enhancing Security with Your Firewall	120
8.6.1 Security In General	120
8.7 Packet Filtering Vs Firewall	121
8.7.1 Packet Filtering:	121
8.7.2 Firewall	121
Firewall Configuration	123
9.1 Access Methods	123
9.2 Firewall Policies Overview	123
9.3 Rule Logic Overview	124
9.3.1 Rule Checklist	124
9.3.2 Security Ramifications	124
9.3.3 Key Fields For Configuring Rules	125
9.4 Connection Direction	125
9.4.1 LAN to WAN Rules	126
9.4.2 Alerts	126
9.5 General Firewall Policy	126
9.6 Firewall Rules Summary	127
9.6.1 Configuring Firewall Rules	129
9.6.2 Customized Services	132
9.6.3 Configuring a Customized Service	132
9.7 Example Firewall Rule	133
9.8 Predefined Services	137
9.9 Anti-Probing	139
9.10 DoS Thresholds	140
9.10.1 Threshold Values	140
9.10.2 Half-Open Sessions	141
9.10.3 Configuring Firewall Thresholds	141
Content Filtering	145
10.1 Content Filtering Overview	145
10.2 Configuring Keyword Blocking	145
10.3 Configuring the Schedule	146
10.4 Configuring Trusted Computers	147
Advanced Setup	149
Static Route	151
11.1 Static Route	151
11.2 Configuring Static Route	151
11.2.1 Static Route Edit	152
Bandwidth Management	155
12.1 Bandwidth Management Overview	155
12.2 Application-based Bandwidth Management	155
12.3 Subnet-based Bandwidth Management	155
12.4 Application and Subnet-based Bandwidth Management	156
12.5 Scheduler	156
12.5.1 Priority-based Scheduler	156
12.5.2 Fairness-based Scheduler	157
12.6 Maximize Bandwidth Usage	157
12.6.1 Reserving Bandwidth for Non-Bandwidth Class Traffic	157
12.6.2 Maximize Bandwidth Usage Example	157
12.6.3 Bandwidth Management Priorities	159
12.7 Over Allotment of Bandwidth	159
12.8 Configuring Summary	159
12.9 Bandwidth Management Rule Setup	160
12.9.1 Rule Configuration	162
12.10 Bandwidth Monitor	164
Dynamic DNS Setup	165
13.1 Dynamic DNS Overview	165
13.1.1 DYNDNS Wildcard	165
13.2 Configuring Dynamic DNS	165
Remote Management Configuration	169
14.1 Remote Management Overview	169
14.1.1 Remote Management Limitations	170
14.1.2 Remote Management and NAT	170
14.1.3 System Timeout	170
14.2 WWW	170
14.3 Telnet	171
14.4 Configuring Telnet	171
14.5 Telnet Login	172
14.6 Configuring FTP	173
14.7 SNMP	174
14.7.1 Supported MIBs	175
14.7.2 SNMP Traps	175
14.7.3 Configuring SNMP	175
14.8 Configuring DNS	177
14.9 Configuring ICMP	177
14.10 TR-069	178
Universal Plug-and-Play (UPnP)	181
15.1 Introducing Universal Plug and Play	181
15.1.1 How do I know if I'm using UPnP?	181
15.1.2 NAT Traversal	181
15.1.3 Cautions with UPnP	181
15.2 UPnP and ZyXEL	182
15.2.1 Configuring UPnP	182
15.3 Installing UPnP in Windows Example	183
15.3.1 Installing UPnP in Windows Me	183
15.3.2 Installing UPnP in Windows XP	184
15.4 Using UPnP in Windows XP Example	185
15.4.1 Auto-discover Your UPnP-enabled Network Device	186
15.4.2 Web Configurator Easy Access	189
Maintenance and Troubleshooting	193
System	195
16.1 General Setup	195
16.1.1 General Setup and System Name	195
16.1.2 General Setup	195
16.2 Time Setting	197
Tools	201
17.1 Firmware Upgrade	201
17.2 Configuration Screen	203
17.2.1 Backup Configuration	203
17.2.2 Restore Configuration	204
17.2.3 Back to Factory Defaults	205
17.3 Restart	205
Diagnostic	207
18.1 General Diagnostic	207
18.2 DSL Line Diagnostic	208
Logs	209
19.1 Logs Overview	209
19.1.1 Alerts and Logs	209
19.2 Viewing the Logs	209
19.3 Configuring Log Settings	210
19.3.1 Example E-mail Log	212
19.4 Log Descriptions	213
Troubleshooting	227
20.1 Power, Hardware Connections, and LEDs	227
20.2 ZyXEL Device Access and Login	228
20.3 Internet Access	230
Appendices and Index	231
Product Specifications	233
Internal SPTGEN	241
Setting up Your Computer’s IP Address	257
IP Addresses and Subnetting	273
Pop-up Windows, JavaScripts and Java Permissions	283
Firewall Commands	289
NetBIOS Filter Commands	295
Triangle Route	297
Legal Information	299
Customer Support	303

Match case Limit results 1 per page

Chapter 8 Firewalls

P-660H-Tx v2 User’s Guide

113

8.3.1

Denial of Service Attacks

Figure 58

Firewall Application

8.4

Denial of Service

Denials of Service (DoS) attacks are aimed at devices and networks with a connection to the

Internet. Their goal is not to steal information, but to disable a device or network so users no

longer have access to network resources. The ZyXEL Device is pre-configured to

automatically detect and thwart all known DoS attacks.

8.4.1

Basics

Computers share information over the Internet using a common language called TCP/IP. TCP/

IP, in turn, is a set of application protocols that perform specific functions. An “extension

number”, called the "TCP port" or "UDP port" identifies these protocols, such as HTTP

(Web), FTP (File Transfer Protocol), POP3 (E-mail), etc. For example, Web traffic by default

uses TCP port 80.

When computers communicate on the Internet, they are using the client/server model, where

the server "listens" on a specific TCP/UDP port for information requests from remote client

computers on the network. For example, a Web server typically listens on port 80. Please note

that while a computer may be intended for use over a single port, such as Web on port 80,

other ports are also active. If the person configuring or managing the computer is not careful, a

hacker could attack it over an unprotected port.

Some of the most common IP ports are:

Table 34

Common IP Ports

FTP

DNS

Telnet

HTTP

SMTP

110

POP3