Today is an era where hackers are common (this is 2cto.com's slogan). When you stay at your home and access the Internet, you may be "shot". attacks from time to time will definitely make your head big. Fortunately, many broadband cats have built-in firewall functions. If we enable this function, we can make our ADSL Internet access more secure and more secure.
I. login to broadband cats
There are many ways to log on to the broadband cat. For the convenience of the article, here we log on using what we see is what we get from WEB management.
Open IE, enter the IP address of the broadband cat in the address bar, and press Enter. The logon box shown appears. Enter the user name and password, and click OK. Now we can see the configuration interface of the broadband cat.
Tip: You can enter the IP address of a broadband cat according to the instructions!
2. configure the firewall
Click to expand the "service" list and select the "firewall" command item. Then, we can see the detailed configuration items of the firewall on the right side of the window. The following describes the configurations of the firewall.
Blacklist
At the top is the "black list status" setting, that is, whether to Enable the black list filtering status of broadband cats, Enable is enabled, and Disable is disabled. We recommend that you Enable this option. In addition, there is a blacklist cycle (minutes), that is, the IP address of the specified computer will be in the blacklist state within the specified time (in minutes.
Attack Protection
The purpose of enabling the firewall is to prevent attacks from others. Therefore, the "Attack Protection" option is set to "Enable", so that the firewall protection function of the broadband cat can be enabled; for "DOS Protection", we recommend that you select "Enable" to Enable service protection for various DOS attacks.
Max connection
The options include "Max Half Open TCP connection", "Max ICMP Connection", and "Max single host connection. "Max Half-Open TCP connection" is used to set the percentage of the current IP connection opened in an incomplete open state. When a TCP connection is not fully open, all available IP address connections may be exhausted. If the percentage exceeds the value set here, the connection that is not fully open will be closed, there will be a new connection to replace it; "Max ICMP Connection" is the percentage of the current connections set to manage ICMP packet transmission. If the percentage exceeds the set value, the new connection will replace the old connection to start data transmission; the final "Max single host connection" is mainly used to set the percentage of connections from a single computer using the current IP address. When setting this percentage, consider the number of computers in the LAN.
Log target
It is mainly used to set the storage location of firewall attack events in log targets. The "Trace" option indicates that the record is sent to the system, that is, stored in the cat. The "Email" option indicates that the record is sent to the specified administrator mailbox. We recommend that you select this option. The following Admin 1 (/2/3) email ID is used to set the Administrator's mailbox address. It is mainly used to receive reports of attacks against the firewall, the specific content of the report includes "attack time", "source IP address of the computer under attack", "target IP Address", and "used protocol.
Based on the preceding instructions, select and configure each project, and click Submit to save the configuration information.
3. rectify the troublemakers and add them to the blacklist
If you are always on the internet, you may find that your shoes are wet. If you are on the Internet, you may find an attack. It is a matter of course that attackers can correct and blacklist the shoes. When the firewall system of the broadband cat confirms that a data packet has an attack behavior or is compatible with IP address filtering rules, during the period specified in the previous "blacklist period (period, the firewall automatically blocks the source IP address of such data packets.
Click the "Blacklist" button at the bottom of the "firewall settings" page to bring up the corresponding page, from which we can see the details of the troublemakers.
"Host IP Address" is the IP address of the computer that records the attack data packets; "Reason" is a brief description of the attack type; "IPF rule ID" if the data packet violates the IP address filtering rules, the rule ID is displayed in this box. If you want to unseal the entries in the blacklist before it is automatically removed, and want to delete the entries in the list, you can perform operations in the "operation" column.
How can I feel relieved with this simple configuration. In fact, many of our ADSL Modem have such a function. As long as simple configuration is made, it will be much safer to access the Internet.