P-660R/H-D Series User’s Guide
13 Table of Contents
10.3.1 Denial of Service Attacks ......................................................................100
10.4 Denial of Service ............................................................................................100
10.4.1 Basics ...................................................................................................100
10.4.2 Types of DoS Attacks ...........................................................................101
10.4.2.1 ICMP Vulnerability ......................................................................103
10.4.2.2 Illegal Commands (NetBIOS and SMTP) ....................................103
10.4.2.3 Traceroute ...................................................................................104
10.5 Stateful Inspection ..........................................................................................104
10.5.1 Stateful Inspection Process ..................................................................105
10.5.2 Stateful Inspection and the Prestige .....................................................106
10.5.3 TCP Security .........................................................................................106
10.5.4 UDP/ICMP Security ..............................................................................107
10.5.5 Upper Layer Protocols ..........................................................................107
10.6 Guidelines for Enhancing Security with Your Firewall ....................................107
10.6.1 Security In General ...............................................................................108
10.7 Packet Filtering Vs Firewall ............................................................................109
10.7.1 Packet Filtering: ....................................................................................109
10.7.1.1 When To Use Filtering .................................................................109
10.7.2 Firewall .................................................................................................109
10.7.2.1 When To Use The Firewall ..........................................................109
Chapter 11
Firewall Configuration ......................................................................................... 112
11.1 Access Methods .............................................................................................112
11.2 Firewall Policies Overview .............................................................................112
11.3 Rule Logic Overview .....................................................................................113
11.3.1 Rule Checklist .......................................................................................113
11.3.2 Security Ramifications ..........................................................................113
11.3.3 Key Fields For Configuring Rules ......................................................... 114
11.3.3.1 Action ...........................................................................................114
11.3.3.2 Service .........................................................................................114
11.3.3.3 Source Address ...........................................................................114
11.3.3.4 Destination Address ....................................................................114
11.4 Connection Direction ......................................................................................114
11.4.1 LAN to WAN Rules ................................................................................114
11.4.2 Alerts .....................................................................................................115
11.5 Configuring Default Firewall Policy ..............................................................115
11.6 Rule Summary .............................................................................................. 116
11.6.1 Configuring Firewall Rules ..................................................................118
11.7 Customized Services .....................................................................................121
11.8 Configuring A Customized Service ...............................................................121
11.9 Example Firewall Rule ....................................................................................122
11.10 Predefined Services .....................................................................................126