Zyxel-communications P-660H-D Series Uživatelský manuál Strana 104
- Strana / 421
- Tabulka s obsahem
- KNIHY
Hodnocené. / 5. Na základě hodnocení zákazníků
P-660R/H-D Series User’s Guide
103 Chapter 10 Firewalls
the broadcast address of the network, the router will broadcast the ICMP echo request
packet to all hosts on the network. If there are numerous hosts, this will create a large
amount of ICMP echo request and response traffic. If a hacker chooses to spoof the
source IP address of the ICMP echo request packet, the resulting ICMP traffic will not
only clog up the "intermediary" network, but will also congest the network of the spoofed
source IP address, known as the "victim" network. This flood of broadcast traffic
consumes all available bandwidth, making communications impossible.
Figure 40 Smurf Attack
10.4.2.1 ICMP Vulnerability
ICMP is an error-reporting protocol that works in concert with IP. The following ICMP types
trigger an alert:
10.4.2.2 Illegal Commands (NetBIOS and SMTP)
The only legal NetBIOS commands are the following - all others are illegal.
Table 29 ICMP Commands That Trigger Alerts
5 REDIRECT
13 TIMESTAMP_REQUEST
14 TIMESTAMP_REPLY
17 ADDRESS_MASK_REQUEST
18 ADDRESS_MASK_REPLY
Table 30 Legal NetBIOS Commands
MESSAGE:
REQUEST:
POSITIVE:
VE:
RETARGET:
KEEPALIVE:
- P-660R/H-D Series 1
- Copyright 3
- Federal Communications 4
- Commission (FCC) Interference 4
- Statement 4
- Certifications 5
- Safety Warnings 6
- ZyXEL Limited Warranty 7
- Customer Support 8
- Customer Support 8 9
- 9 Customer Support 10
- Table of Contents 11
- Chapter 11 14
- Chapter 16 16
- Chapter 17 16
- Appendix M 23
- 23 Table of Contents 24
- List of Figures 25
- List of Figures 30 31
- 31 List of Figures 32
- List of Tables 33
- About This User's Guide 37
- Syntax Conventions 37
- Related Documentation 37
- User Guide Feedback 38
- Graphics Icons Key 38
- CHAPTER 1 39
- High Speed Internet Access 40
- Firewall 40
- 1.4 Front Panel LEDs 43
- 1.5 Hardware Connection 44
- CHAPTER 2 45
- 2.1.2 Resetting the Prestige 46
- 2.2 Change Login Password 49
- CHAPTER 3 51
- CHAPTER 4 59
- LABEL DESCRIPTION 62
- CHAPTER 5 63
- 5.1.2 DHCP Setup 64
- 5.1.3 DNS Server Address 64
- 5.2 LAN TCP/IP 65
- 5.2.2 RIP Setup 66
- 5.2.3 Multicast 67
- 5.2.4 Any IP 67
- 5.2.4.1 How Any IP Works 68
- 5.3 Configuring LAN 69
- 69 Chapter 5 LAN Setup 70
- CHAPTER 6 71
- 6.1.2 Multiplexing 72
- 6.1.3 VPI and VCI 72
- 6.1.4 IP Address Assignment 72
- 6.2 Metric 73
- 6.3 PPPoE Encapsulation 74
- 6.4 Traffic Shaping 74
- 6.6 The Main WAN Screen 75
- 6.7 Configuring WAN Setup 76
- Chapter 6 WAN Setup 76 77
- Figure 24 WAN Setup (PPPoE) 77
- Table 17 WAN Setup 77
- 77 Chapter 6 WAN Setup 78
- 6.8 Traffic Redirect 79
- 6.9 Configuring WAN Backup 80
- Chapter 6 WAN Setup 80 81
- Figure 27 WAN Backup 81
- Table 18 WAN Backup 81
- Check WAN IP Address 82
- CHAPTER 7 83
- 7.1.2 What NAT Does 84
- 7.1.3 How NAT Works 84
- 7.1.4 NAT Application 85
- 7.1.5 NAT Mapping Types 85
- 7.3 SUA Server 86
- 7.4 Selecting the NAT Mode 88
- Table 22 NAT Mode 89
- CHAPTER 8 95
- Figure 35 Dynamic DNS 96
- Table 26 Dynamic DNS 96
- CHAPTER 9 97
- 97 Chapter 9 Time and Date 98
- Table 27 Time and Date 98
- CHAPTER 10 99
- 99 Chapter 10 Firewalls 100
- 10.4 Denial of Service 101
- 10.4.2 Types of DoS Attacks 102
- Chapter 10 Firewalls 102 103
- Figure 39 SYN Flood 103
- 10.4.2.1 ICMP Vulnerability 104
- 10.5 Stateful Inspection 105
- 105 Chapter 10 Firewalls 106
- 10.5.3 TCP Security 107
- 10.5.4 UDP/ICMP Security 108
- 10.5.5 Upper Layer Protocols 108
- 10.6.1 Security In General 109
- 10.7.1 Packet Filtering: 110
- 10.7.2 Firewall 110
- Chapter 10 Firewalls 110 111
- 111 Chapter 10 Firewalls 112
- CHAPTER 11 113
- 11.3 Rule Logic Overview 114
- 11.4 Connection Direction 115
- 11.4.2 Alerts 116
- 11.6 Rule Summary 117
- Table 33 Rule Summary 118
- Address 121
- 11.7 Customized Services 122
- 11.9 Example Firewall Rule 123
- 11.10 Predefined Services 127
- 11.11 Anti-Probing 129
- 11.12 DoS Thresholds 130
- 11.12.1 Threshold Values 131
- 11.12.2 Half-Open Sessions 131
- CHAPTER 12 135
- CHAPTER 13 139
- 13.2 Telnet 140
- 13.3 FTP 141
- 13.4 Web 141
- CHAPTER 14 143
- 14.2 UPnP and ZyXEL 144
- Table 45 Configuring UPnP 145
- Components selection box 146
- Figure 70 System Tray Icon 152
- Network 153
- CHAPTER 15 155
- 155 Chapter 15 Logs Screens 156
- Figure 75 Log Settings 156
- Table 46 Log Settings 156
- 15.3 Displaying the Logs 157
- 15.4 SMTP Error Messages 158
- 15.4.1 Example E-mail Log 159
- 159 Chapter 15 Logs Screens 160
- CHAPTER 16 161
- 16.7 Scheduler 163
- 16.8 Bandwidth Borrowing 166
- 16.11 Configuring Summary 168
- 16.12.1 DiffServ 170
- 16.13 Bandwidth Monitor 175
- CHAPTER 17 177
- 177 Chapter 17 Maintenance 178
- Figure 86 System Status 178
- Table 61 System Status 178
- 17.2.1 System Statistics 179
- 17.3 DHCP Table Screen 180
- 17.4 Any IP Table Screen 181
- 17.5 Diagnostic Screens 182
- Chapter 17 Maintenance 182 183
- 17.6 Firmware Upgrade 184
- Chapter 17 Maintenance 184 185
- Figure 92 Firmware Upgrade 185
- Table 67 Firmware Upgrade 185
- 185 Chapter 17 Maintenance 186
- Figure 94 Error Message 186
- CHAPTER 18 187
- Prestige 189
- ? > or 190
- CHAPTER 19 193
- CHAPTER 20 197
- Press ENTER to Confirm 199
- CHAPTER 21 201
- CHAPTER 22 205
- 22.4 IP Alias Setup 206
- 22.5 Route IP Setup 207
- Menu 4 Internet Access Setup 209
- CHAPTER 23 211
- 23.4 Remote Node Filter 217
- 23.5.3 Advance Setup Options 221
- CHAPTER 24 223
- CHAPTER 25 227
- 227 Chapter 25 Bridging Setup 228
- 229 Chapter 25 Bridging Setup 230
- CHAPTER 26 231
- 26.3 NAT Setup 233
- Menu 15.1.255 is read-only 234
- 26.3.1.3 Ordering Your Rules 236
- 26.5 General NAT Examples 238
- Figure 141 NAT Example 1 239
- Figure 143 NAT Example 2 240
- Figure 145 NAT Example 3 241
- Figure 150 NAT Example 4 244
- CHAPTER 27 247
- CHAPTER 28 249
- Len Length 253
- 28.4.1 TCP/IP Filter Rule 254
- 28.4.2 Generic Filter Rule 256
- Length= 0 257
- 28.5 Filter Types and NAT 258
- 28.6 Example Filter 258
- Table 93 Filter Sets Table 260
- 28.7.1 Ethernet Traffic 261
- 28.7.2 Remote Node Filters 261
- CHAPTER 29 263
- 29.2 Supported MIBs 264
- 29.3 SNMP Configuration 264
- 29.4 SNMP Traps 265
- CHAPTER 30 267
- 30.3 System Information 269
- 30.3.2 Console Port Speed 270
- 30.4 Log and Trace 271
- 30.4.2 Syslog and Accounting 272
- Figure 179 Syslog Example 273
- 30.5 Diagnostic 274
- CHAPTER 31 277
- 31.2 Backup Configuration 278
- 31.2.4 GUI-based FTP Clients 280
- 31.2.7 TFTP Command Example 281
- 31.3 Restore Configuration 282
- 31.4.1 Firmware File Upload 284
- 31.4.5 TFTP File Upload 286
- CHAPTER 32 289
- 32.2 Call Control Support 290
- 32.3 Time and Date Setting 291
- 32.3.1 Resetting the Time 292
- CHAPTER 33 295
- 33.4 System Timeout 297
- CHAPTER 34 299
- 34.4 IP Routing Policy Setup 300
- 34.5 Applying an IP Policy 303
- IP=0.0.0.0 306
- CHAPTER 35 309
- CHAPTER 36 313
- 36.3 Problems with the WAN 314
- Figure 207 Pop-up Blocker 316
- Figure 209 Internet Options 317
- 36.4.1.2 JavaScripts 318
- 3 Scroll down to Scripting 319
- 36.4.1.3 Java Permissions 320
- 36.4.1.3.1 JAVA (Sun) 321
- Figure 214 Java (Sun) 322
- 6 Then click the OK button 323
- Appendix A 325
- Product Specifications 325
- Table 115 Firmware 326
- Appendix B 329
- About ADSL 329
- 329 Appendix B About ADSL 330
- Appendix C 331
- Virtual Circuit Topology 331
- Appendix D 333
- Wall-mounting Instructions 333
- Appendix E 335
- Installing Components 336
- Configuring 337
- Windows 2000/NT/XP 338
- Macintosh OS 8/9 343
- Macintosh OS X 345
- Verifying Settings 346
- Using Configuration Files 348
- Appendix F 351
- IP Subnetting 351
- Subnet Masks 352
- Subnetting 352
- Example: Two Subnets 353
- 353 Appendix F IP Subnetting 354
- Table 121 Subnet 1 354
- Table 122 Subnet 2 354
- Example: Four Subnets 355
- Example Eight Subnets 356
- Appendix F IP Subnetting 356 357
- 357 Appendix F IP Subnetting 358
- Appendix G 359
- Boot Commands 359
- 359 Appendix G Boot Commands 360
- Appendix H 361
- Command Interpreter 361
- Appendix I 363
- Firewall Commands 363
- Appendix J 369
- Splitters and Microfilters 369
- Prestige With ISDN 370
- Appendix K 371
- How PPPoE Works 372
- Prestige as a PPPoE Client 372
- Appendix L 373
- Internal SPTGEN 373
- Command Examples 396
- Log Descriptions 397
- Table 143 System Error Logs 398
- Table 145 TCP Reset Logs 399
- Table 147 ICMP Logs 400
- Table 148 CDR Logs 400
- Table 149 PPP Logs 400
- Table 150 UPnP Logs 401
- Table 152 Attack Logs 402
- Table 153 IPSec Logs 403
- Table 154 IKE Logs 403
- Table 155 PKI Logs 406
- Table 157 802.1X Logs 408
- Table 158 ACL Setting Notes 409
- Table 159 ICMP Notes 409
- Table 160 Syslog Logs 410
- Log Commands 411
- Log Command Example 412
- Numerics 413
- 413 Index 414
- Index 414 415
- 415 Index 416
- Index 416 417
- 417 Index 418
- Index 418 419
- 419 Index 420
- Index 420 421
Související produkty a manuály pro Hardware Zyxel-communications P-660H-D Series
(309 stránky)
(133 stránky)© 2020, manymanuals.cz. Všechna práva vyhrazena. | 0.039 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentáře k této Příručce