5 intrusion detection – Sagem SAGEMFAST 1500WG User Manual

4 - Configuring the SAGEM F@st™ 1500 ADSL router

SAGEM F@st™ 1500 Reference Manual - 288053220-04

Reproduction and communication prohibited without the written permission of

E

E

E

E

Page 4-43

4.8.5 Intrusion

Detection

1) Intrusion Detection Feature

Stateful Packet Inspection (SPI) and Anti-DoS firewall protection (Default: Enabled) - The
Intrusion Detection Feature of the

SAGEM F@st™ 1500 ADSL Router

limits access for incoming

traffic at the WAN port. When the SPI feature is turned on, all incoming packets will be blocked
except for those types marked in the Stateful Packet Inspection section.

RIP Defect (Default: Enabled) - If an RIP request packet is not acknowledged to by the router, it
will stay in the input queue and not be released. Accumulated packets could cause the input
queue to fill, causing severe problems for all protocols. Enabling this feature prevents the
packets from accumulating.

Discard Ping to WAN (Default: Disabled) - Prevent a ping on the

ADSL Router

’s WAN port from

being routed to the network.

2) Stateful Packet Inspection

This is called a “stateful” packet inspection because it examines the contents of the packet to
determine the state of the communications; i.e., it ensures that the stated destination computer
has previously requested the current communication. This is a way of ensuring that all
communications are initiated by the recipient computer and are taking place only with sources
that are known and trusted from previous interactions. In addition to being more rigorous in their
inspection of packets, stateful inspection firewalls also close off ports until connection to the
specific port is requested.