1. Manuals
  2. Brands
  3. ZyXEL Communications Manuals
  4. Software
  5. VANTAGE CNM 2.0 -
  6. User manual

Introduction To Zyxel's Firewall; Denial Of Service; Table 12-1 Common Ip Ports - ZyXEL Communications Vantage CNM 2.0 User Manual

Centralized network management
Hide thumbs Also See for Vantage CNM 2.0:
Table of Contents

Advertisement

Vantage CNM 2.0
Firewalls, of one type or another, have become an integral part of standard security solutions for enterprises.

12.3 Introduction to ZyXEL's Firewall

The ZyXEL device firewall is a stateful inspection firewall and is designed to protect against Denial of Service
attacks when activated (in SMT menu 21.2 or in the web configurator). The ZyXEL device's purpose is to allow
a private Local Area Network (LAN) to be securely connected to the Internet. The ZyXEL device can be used to
prevent theft, destruction and modification of data, as well as log events, which may be important to the security
of your network. The ZyXEL device also has packet-filtering capabilities.
The ZyXEL device is installed between the LAN and a broadband modem connecting to the Internet. This
allows it to act as a secure gateway for all data passing between the Internet and the LAN.
The WAN (Wide Area Network) port attaches to the broadband modem (cable or ADSL) connecting to
the Internet.
The LAN (Local Area Network) port attaches to a network of computers, which needs security from the
outside world. These computers will have access to Internet services such as e-mail, FTP, and the
World Wide Web. However, "inbound access" will not be allowed unless the remote host is authorized
to use a specific service.

12.4 Denial of Service

Denials of Service (DoS) attacks are aimed at devices and networks with a connection to the Internet. Their goal
is not to steal information, but to disable a device or network so users no longer have access to network
resources. The ZyXEL device is pre-configured to automatically detect and thwart all known DoS attacks.
12.4.1 Basics
Computers share information over the Internet using a common language called TCP/IP. TCP/IP, in turn, is a set
of application protocols that perform specific functions. An "extension number", called the "TCP port" or "UDP
port" identifies these protocols, such as HTTP (Web), FTP (File Transfer Protocol), POP3 (E-mail), etc. For
example, Web traffic by default uses TCP port 80.
When computers communicate on the Internet, they are using the client/server model, where the server "listens"
on a specific TCP/UDP port for information requests from remote client computers on the network. For example,
a Web server typically listens on port 80. Please note that while a computer may be intended for use over a
single port, such as Web on port 80, other ports are also active. If the person configuring or managing the
computer is not careful, a hacker could attack it over an unprotected port.
Some of the most common IP ports are:
21
23
25
12.4.2 Types of DoS Attacks
There are four types of DoS attacks:
1. Those that exploit bugs in a TCP/IP implementation.
2. Those that exploit weaknesses in the TCP/IP specification.
3. Brute-force attacks that flood a network with useless data.
12-2

Table 12-1 Common IP Ports

FTP
Telnet
SMTP
53
DNS
80
HTTP
110
POP3
Configuration > Firewall

Advertisement

Table of Contents
loading

Related Manuals for ZyXEL Communications Vantage CNM 2.0

Related Content for ZyXEL Communications Vantage CNM 2.0

Table of Contents