Allied Telesis Layer 3 Switches Switch User Manual
Create A Secure Network With Allied Telesis Managed Layer 3 Switches 25
Protecting the user
• How To Configure Microsoft® Windows XP Virtual Private Network (VPN) client interoperability without NAT-T support
• How To Configure Microsoft® Windows XP Virtual Private Network (VPN) client interoperability with NAT-T support
• How To Configure IPsec VPN Between Microsoft ISA Server 2004 and an Allied Telesyn Router Client
• How To Create a VPN between an Allied Telesis and a SonicWALL router, with NAT-T
• How To Create a VPN between an Allied Telesis and a NetScreen router
• How To Troubleshoot A Virtual Private Network (VPN)
Protecting against worms
In the recent history of the Internet, the danger has shifted from viruses to worms. Viruses
need humans to transfer them from system to system, for example, by downloading a
program. Worms transfer themselves from system to system without human interaction. The
most successful worms exploit Microsoft Windows vulnerabilities because of the prevalence
of these operating systems. Commonly, a worm causes the same kind of damage to a system
as a virus.
Worms and viruses generally exploit flaws in PC operating systems. There are no known
worms that affect AlliedWare. In fact, you can configure Allied Telesis switches to protect
your network PCs and servers from both internal and external attack from worms.
In an Allied Telesis switched network (where no hubs exist), the switches can forward or
drop every packet on the basis of specific criteria. You can employ this packet inspection at
no cost to network performance. Therefore, you can configure an Allied Telesis switch to
check for packets that appear to exploit a TCP or UDP port that a known worm attacks.
An example of a worm that exploits a port-based vulnerability is the W32.Slammer worm.
This worm caused significant denial of service problems several years ago. It propagates via
UDP port 1434, which is the port used by SQL Server traffic. All network administrators
should have patched their SQL Server 2000 systems against this worm, but we will use it as
an example.
Blocking worms through classifier-based filters
On Rapier, Rapier i, AT-8800, AT-8700XL and AT-8600 Series switches, use classifier-based hardware filters to block traffic from a worm.
1. Find out which UDP or TCP port the worm attacks.
2. Create a classifier to match traffic arriving at a target switch port, using that UDP or TCP port.
   Target switch ports must not be attached to clients who legitimately need to access the UDP or TCP port.
3. Create a filter that uses the classifier and discards matching traffic.
Products: AT-8600 Series, AT-8700XL Series, Rapier i Series, Rapier Series, AT-8800 Series
Software Versions: All
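As an added illustration (not AlliedWare configuration and not from this manual), the following Python models the three steps above so that a rule set can be sanity-checked before it is typed into a switch; the class names, the switch-port layout and the Slammer scenario are my own assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    ingress_port: int   # switch port the frame arrived on
    proto: str          # "udp" or "tcp"
    dst_port: int       # destination UDP/TCP port

@dataclass(frozen=True)
class Classifier:
    """Step 2: match traffic arriving on the target switch ports with the worm's L4 port."""
    target_ports: frozenset
    proto: str
    dst_port: int

    def matches(self, pkt: Packet) -> bool:
        return (pkt.ingress_port in self.target_ports
                and pkt.proto == self.proto
                and pkt.dst_port == self.dst_port)

@dataclass(frozen=True)
class HwFilter:
    """Step 3: a filter that applies an action to whatever its classifier matches."""
    classifier: Classifier
    action: str         # "discard" or "forward"

def apply_filters(filters, pkt: Packet, default: str = "forward") -> str:
    """First matching filter decides; traffic that no filter matches is forwarded as usual."""
    for flt in filters:
        if flt.classifier.matches(pkt):
            return flt.action
    return default

def target_port_conflicts(classifier: Classifier, legit_client_ports) -> frozenset:
    """The caveat in step 2: target ports must not carry clients that legitimately need
    the port. Returns the offending switch ports (an empty set means the rule is safe)."""
    return classifier.target_ports & frozenset(legit_client_ports)

# Step 1 (constructed scenario): Slammer propagates over UDP/1434. Ports 1-22 are user
# edge ports; port 23 (DBA workstation) and port 24 (SQL Server) legitimately use 1434.
SLAMMER_PORT = 1434
LEGIT_SQL_PORTS = {23, 24}
slammer_classifier = Classifier(frozenset(range(1, 23)), "udp", SLAMMER_PORT)
FILTERS = [HwFilter(slammer_classifier, "discard")]

if __name__ == "__main__":
    assert not target_port_conflicts(slammer_classifier, LEGIT_SQL_PORTS)
    for pkt in (Packet(5, "udp", 1434), Packet(23, "udp", 1434), Packet(5, "tcp", 1433)):
        print(pkt, "->", apply_filters(FILTERS, pkt))
```

Widening the classifier to ports 1-24 makes `target_port_conflicts` report ports 23 and 24, which is exactly the misconfiguration the note under step 2 warns about.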
Configuration