Netopia 6.3 User Manual

71

Section 4

Configure

Basic Firewall Background

As a device on the Internet, a Cayman Gateway requires an IP address in
order to send or receive traffic.

The IP traffic sent or received have an associated application port which is
dependent on the nature of the connection request. In the IP protocol
standard the following session types are common applications:

By receiving a response to a scan from a port or series of ports (which is the
expected behavior according to the IP standard), hackers can identify an
existing device and gain a potential opening for access to an internet-con-
nected device.

To protect LAN users and their network from these types of attacks, Break-
Water offers three levels of increasing protection.

The following tables indicate the state of ports associated with ses-
sion types, both on the WAN side and the LAN side of the Gateway.

This table shows how inbound traffic is treated. Inbound means the traffic is
coming from the WAN into the WAN side of the Gateway.

•

ICMP

•

HTTP

•

FTP

•

SNMP

•

telnet

•

DHCP

Gateway: WAN Side

BreakWater Setting >>

ClearSailing

SilentRunning

LANdLocked

Port

Session Type

--------------Port State-----------------------

20

ftp data

Enabled

Disabled

Disabled

21

ftp control

Enabled

Disabled

Disabled

23

telnet external

Enabled

Disabled

Disabled

23

telnet Cayman server

Enabled

Disabled

Disabled

80

http external

Enabled

Disabled

Disabled

80

http Cayman server

Enabled

Disabled

Disabled

67

DHCP client

Enabled

Enabled

Disabled

68

DHCP server

Not Applicable

Not Applicable

Not Applicable

161

snmp

Enabled

Disabled

Disabled

ping (ICMP)

Enabled

Disabled

Disabled