Security In General - ZyXEL Communications ZyXEL ZYWALL10 User Manual

Internet security gateway

Hide thumbs Also See for ZyXEL ZYWALL10:

User manual (536 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

266

267

Table of Contents

ZyWALL 10 Internet Security Gateway

Think about access control before you connect a console port to the network in any way, including

attaching a modem to the port. Be aware that a break on the console port might give unauthorized

individuals total control of the firewall, even with access control configured.

Limit who can telnet into your router.

Don't enable any local service (such as SNMP or NTP) that you don't use. Any enabled service could

present a potential security risk. A determined hacker might be able to find creative ways to misuse the

enabled services to access the firewall or the network.

For local services that are enabled, protect against misuse. Protect by configuring the services to

communicate only with specific peers, and protect by configuring rules to block packets for the services

at specific interfaces.

Protect against IP spoofing by making sure the firewall is active.

Keep the firewall in a secured (locked) room.

13.5.1 Security In General

You can never be too careful! Factors outside your firewall, filtering or NAT can cause security breaches.

Below are some generalizations about what you can do to minimize them.

Encourage your company or organization to develop a comprehensive security plan. Good network

administration takes into account what hackers can do and prepares against attacks. The best defense

against hackers and crackers is information. Educate all employees about the importance of security and

how to minimize risk. Produce lists like this one!

DSL or cable modem connections are "always-on" connections and are particularly vulnerable because

they provide more opportunities for hackers to crack your system. Turn your computer off when not in

use.

Never give out a password or any sensitive information to an unsolicited telephone call or e-mail.

Never e-mail sensitive information such as passwords, credit card information, etc.,without encrypting

the information first.

Never submit sensitive information via a web page unless the web site uses secure connections. You can

identify a secure connection by looking for a small "key" icon on the bottom of your browser (Internet

Explorer 3.02 or better or Netscape 3.0 or better). If a web site uses a secure connection, it is safe to

submit information. Secure web transactions are quite difficult to crack.

Never reveal your IP address or other system networking information to people outside your company.

Be careful of files e-mailed to you from strangers. One common way of getting BackOrifice on a system

is to include it as a Trojan horse with other files.

13-10

What Is a Firewall?

Table of Contents

Troubleshooting

This manual is also suitable for:

Zywall 10

Security In General - ZyXEL Communications ZyXEL ZYWALL10 User Manual

13.5.1 Security In General

Troubleshooting

Related Manuals for ZyXEL Communications ZyXEL ZYWALL10

Related Content for ZyXEL Communications ZyXEL ZYWALL10

This manual is also suitable for:

Table of Contents