AT&T Inidv2 I3812v Urer Guide
Have a look at the manual AT&T Inidv2 I3812v Urer Guide online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 164 ATT manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
Configuring Firewall 47 6.Select the application you want to modify, click Edit; the selected profile page opens. 7.Modify any information, as necessary. 8.Click Add to List; a message appears informing you of the status and the information appears in the Definition List pane. Note: You are prompted to enter your password if one is set up.
iNID -- i3812V User Guide 48 Deleting Profiles You can delete only the profiles you created. Before deleting a user-defined profile, make sure to remove it from the Hosted Applications pane. 1.Open a Web browser and enter http://gateway.2Wire.net to access the 2Wire i3812V user interface. 2.Click on the Home page; the Firewall Status page opens. 3.Select Applications, Pinholes and DMZ; a page opens showing hosted applications. 4.Scroll to the Edit firewall settings for this computer pane. Note: If you have not created any profiles, the link will not appear.
Configuring Firewall 49 5.Click Edit or delete user-defined application; a page similar to the following opens. 6.Select the application you want to delete, click Delete. Allowing all Applications (DMZplus) DMZplus is a special firewall mode that is used for hosting applications. When in the DMZplus mode, the designated computer: Appears as if it is directly connected to the Internet. Has all unassigned TCP and UDP ports opened and pointed to it. Can receive unsolicited network traffic from the Internet. Note: The application you created will not appear here if it has been added to the Hosted Applications. Return to the previous page, select the application intended for modification, click Remove to return the application to the available application list. Note: Be sure to select the intended application. Once you click Delete, the application is deleted.
iNID -- i3812V User Guide 50 1.Open a Web browser and enter http://gateway.2Wire.net to access the 2Wire i3812V user interface. 2.Click on the Home page; the Firewall Status page opens. 3.Select Applications, Pinholes and DMZ; a page opens showing hosted applications. Caution: Use the DMZplus mode with caution! A computer in the DMZplus mode is less secure because all available por ts are open and all incoming Internet traffic is directed to this computer.
Configuring Firewall 51 4.Select the computer that you want to allow all applications. 5.Select the Allow all applications (DMZplus mode) button. 6.Click Save. 7.Confirm that the computer you selected in Step 1 is configured for DHCP. If it is not, configure it for DHCP. 8.Restar t the computer. When the computer restar ts, it receives a special IP address from the system and all unassigned TCP and UDP por ts are forwarded to it. Stopping DMZplus 1.Open a Web browser and enter http://gateway.2Wire.net to access the 2Wire i3812V user interface. 2.Click on the Home page; the Firewall Status page opens. 3.Select Applications, Pinholes and DMZ; a page opens showing hosted applications. Note: If the computer you want to select is unlisted because it is powered off and the “hide inactive devices” option is enabled; you still can select it as long as it is on the same network and you know its IP address. Replace “Enter IP address” with the intended IP address, then click Choose. Note: The above presentation shows half of the screen only.
iNID -- i3812V User Guide 52 4.Select the computer that you want to stop the DMZplus mode. 5.Select the Maximum protection button from the Edit firewall settings for this computer pane. 6.Click Save. 7.Access the computer that you selected in Step 1. 8.Restar t the computer. Customizing Firewall Configuration The i3812V comes with a set of default firewall settings that you can change to adapt to your environment. You can change the timeout sessions and protocol that you want to go through the firewall. 1.Open a Web browser and enter http://gateway.2Wire.net to access the 2Wire i3812V user interface. 2.Click on the Home page; the Firewall Status page opens. Note: If the computer you want to select is unlisted because it is powered off and the “hide inactive devices” option is enabled; you still can select it as long as it is on the same network and you know its IP address. Replace “Enter IP address” with the intended IP address, then click Choose.
Configuring Firewall 53 3.Click Advanced Configuration; the following page opens displaying the default settings.
iNID -- i3812V User Guide 54 4.Customize your Internet security. −Stealth Mode: When the Stealth Mode is selected, your computer is “invisible” to port-scanning programs. Consequently, no reply is received in response in their quest to gain unauthorized access to computers and servers. If your computer is always connected to Internet, it is good practice to select the Stealth Mode to prevent potential hacking to your computer. −Block Ping: When enabled, Block Ping blocks all ping requests. Ping is a basic Internet program that, when used without malicious intent, allows a user to verify that a par ticular IP address exists and can accept requests. Hackers can use ping to launch an attack against your network, because ping can determine the network’s IP address from the domain name. −Strict UDP Session Control: Enabling this feature provides increased security by preventing the i3812V from accepting packets sent from an unknown source over an existing connection. The ability to send traffic based on destination only is required by some applications. Enabling this feature may not allow some on-line applications to work properly. −UDP Session Timeout: Typically, the User Datagram Protocol (UDP) is used to exchange small data from one computer to another. Transmission Control Protocol (TCP) is used for larger data exchanges; therefore, the timeout setting for UDP is lower than that of TCP. −TCP Session Timeout: Transmission Control Protocol (TCP) is a connection-oriented protocol, which means that a connection is established and maintained until such time as the message(s) to be exchanged by the application programs at each end have been exchanged. The maximum timeout is 24 hours. 5.Select the protocol(s) from the Outbound Control pane that you allow the traffic from the network to pass through the firewall to the Internet. 6.Select items from the Attack Detection pane to prevent unauthorized access to your computers. −Excessive Session Detection: When enabled, the firewall detects applications on the local network that are creating excessive sessions out to the Internet. This activity is likely due to a virus or “worm” infected computer (for example, Blaster Worm). −TCP/UDP Por t Scan: A por t scan is a series of messages sent by someone attempting to break into a computer to learn which computer network ser vices, each associated with a well-known port number (such as UDP and TCP), the computer provides. When enabled, the firewall detects UDP and TCP por t scans, and drops the packet. Note: NetBIOS is primarily used for Local Area Network (LAN) communication. Typically, this protocol is not used on the Ethernet at large. For security reasons, it is blocked from the Internet to your local area network by default. Note: These are stateless firewall checks and apply to DMZPlus or routed mode.
Configuring Firewall 55 −Invalid Source/Destination IP address. When enabled, the firewall checks and verifies the following IP addresses: −IP source address (broadcast or multicast) −TCP destination IP address (not unicast) −If the IP source and destination address are the same −Invalid IP source received from private/home network −Packet Flood (SYN/UDP/ICMP/Other). When enabled, the firewall checks for SYN, UDP, ICMP, and other types of packet floods on the local and Internet-facing interfaces and stops the flood. −Invalid TCP Flag Attacks (NULL/XMAS/Other). When enabled, the firewall scans inbound and outbound packets for invalid TCP flag settings, and drops the packet to prevent SYN/FIN, NULL, and XMAS attacks. −Invalid ICMP Detection. The firewall checks for invalid ICMP/code types, and drops the packets. −Miscellaneous. The firewall checks for the following, and drops the packets or terminates the associated session: −Unknown IP protocol (drop packet) −Por t 0 attack detected (drop packet) −TCP SYN packet (drop packet) −Not a star t session packet (drop packet) −ICMP destination unreachable (terminate session) 7.Click Save; a message appears informing you of the operational status. Note: The packets are dropped when IP addresses cannot be verified.