Hands-on: Configuring the Firewall on a Broadband ADSL Modem

Source: Internet
Author: User

Hacking is now within reach of ordinary people, so anyone going online from home can become a target, and even an occasional attack is a real headache. Fortunately, many broadband modems have a built-in firewall. Once it is enabled, an ADSL connection is considerably more secure.

First, log in to the broadband modem.

There are several ways to access a broadband modem. To keep the description simple, this article uses the modem's web management interface.
Open the IE browser, enter the modem's IP address in the address bar and press Enter. The login box shown in Figure 1 appears; enter the username and password and click the "OK" button. The modem's configuration interface is then displayed.
Hint: the modem's IP address can be found in its manual.

Second, configure the firewall.

Expand the Services list and select the Firewall entry. The firewall's detailed configuration items appear on the right side of the window (Figure 2). Each group of settings is described below.


Blacklist

At the top is the "Blacklist status" setting, which controls whether the modem's blacklist filtering is on: "Enable" turns it on and "Disable" turns it off. Enabling it is recommended. Next is the "Blacklist period (minutes)" setting: the length of time, in minutes, that a given computer's IP address stays on the blacklist.

Attack protection

The whole point of the firewall is to guard against other people's attacks, so set "Attack protection" to "Enable" to turn on the modem's firewall protection. Choosing "Enable" for "DoS protection" is also recommended; it turns on protection against a variety of DoS attacks.

Max connection

This group has three options: "Max Half-open TCP Connection", "Max ICMP Connection" and "Max Single Host Connection".

"Max Half-open TCP Connection" sets the percentage of the current IP connections that may be in the half-open (incomplete) state. Half-open TCP connections can use up all available IP connections; if their percentage exceeds the value set here, half-open connections are closed and replaced by new connections.

"Max ICMP Connection" sets the percentage of the current connections that may be used for ICMP packet transfers. If the percentage exceeds the set value, new connections replace old ones.

"Max Single Host Connection" sets the percentage of the current IP connections that a single computer may use. When choosing this percentage, consider the number of computers on the local area network.
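
To see what the half-open and single-host limits do to a connection table, here is a small Python model (an added example, not from the original article and not the modem's firmware logic). The class and function names, the 100-entry table, the sample percentages and the choice to close the oldest half-open entry are assumptions made for illustration; the ICMP limit is not modelled.

```python
# Added illustration: a toy model, not the modem's firmware logic.
class ConnTable:
    """Fixed-size connection table with two of the percentage limits described above."""

    def __init__(self, capacity, max_half_open_pct, max_single_host_pct):
        self.capacity = capacity
        self.half_open_limit = capacity * max_half_open_pct // 100
        self.host_limit = capacity * max_single_host_pct // 100
        self.conns = {}  # (src_ip, src_port) -> state, kept in arrival order

    def count(self, state):
        return sum(1 for s in self.conns.values() if s == state)

    def syn(self, src_ip, src_port):
        """New connection attempt: returns 'accepted', 'replaced' or 'rejected'."""
        if sum(1 for ip, _ in self.conns if ip == src_ip) >= self.host_limit:
            return "rejected"  # this host already holds its full share
        result = "accepted"
        if (self.count("half-open") >= self.half_open_limit
                or len(self.conns) >= self.capacity):
            # Assumption: the oldest half-open entry is the one closed.
            oldest = next((k for k, s in self.conns.items() if s == "half-open"), None)
            if oldest is None:
                return "rejected"  # table full of established connections
            del self.conns[oldest]
            result = "replaced"
        self.conns[(src_ip, src_port)] = "half-open"
        return result

    def ack(self, src_ip, src_port):
        """Handshake completed: the half-open entry becomes established."""
        if self.conns.get((src_ip, src_port)) == "half-open":
            self.conns[(src_ip, src_port)] = "established"
            return True
        return False


def simulate():
    """Constructed traffic: 10 completed handshakes, then 500 that never complete."""
    table = ConnTable(capacity=100, max_half_open_pct=20, max_single_host_pct=50)
    for port in range(40000, 40010):
        table.syn("192.168.1.10", port)
        table.ack("192.168.1.10", port)
    outcomes = [table.syn(f"203.0.113.{i % 250 + 1}", 1024 + i) for i in range(500)]
    return table.count("established"), table.count("half-open"), outcomes.count("replaced")


if __name__ == "__main__":
    print(simulate())
```

With the half-open share capped at 20%, the incomplete connections only ever displace each other and the established LAN sessions keep their entries.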

Log target

The log target sets where the firewall records attack events. The "Trace" option sends records to the system, where they are stored on the modem; the "Email" option sends records to the specified administrator mailbox, and selecting it is recommended. The "Admin 1 (/2/3) e-mail ID" fields below set the administrators' mailbox addresses. These mailboxes receive the firewall's attack reports, which include the attack time, the source IP address of the attacking computer, the destination IP address, the protocol used, and so on. Configure each item as described above and click the "Submit" button to save the configuration.

Third, put the troublemakers on the blacklist.

Anyone who spends enough time online will run into attacks sooner or later, and putting the troublemakers on the blacklist is the natural response. When the modem's firewall determines that a packet is an attack or matches an IP filtering rule, it automatically blocks the packet's source IP address for the length of time set earlier under "Blacklist period".

Clicking the Blacklist button at the bottom of the firewall Settings page in Figure 2 pops up the page shown in Figure 3, where we can see the details of the troublemakers.


Here, "Host IP address" is the IP address of the computer that sent the attack packet; "Reason" is a short description of the type of attack; and "IPF rule ID" shows the ID number of the rule if the packet violated an IP filtering rule. To remove an entry from the list before it is automatically unblocked, use the Action column.

After such a simple configuration, you can feel more at ease. In fact, many ADSL modems have this feature; a little simple configuration makes going online more secure.
