NetComm NB3100 Network Router User Manual


 
Rev.2 - YML630 www.netcomm.com.au
Cable/DSL Firewall Router Page 9
Chapter 1: Getting to know your NetComm Cable/DSL
Firewall Router
This chapter describes the package contents and provides a list of features of the NetComm
Cable/DSL Firewall Router.
1-1 About NetComm Cable/DSL Firewall Router
The NetComm Cable/DSL Firewall Router is a hybrid product, which combines Ethernet
technology with a firewall engine into a single stand-alone unit. The device allows you take
advantage of both security and fast connections. All computers on your LAN can securely share
files, printers and other network resources, as well as a single Internet account when connected
to a DSL/Cable modem.
Ethernet / Fast Ethernet
Ethernet is the most widely-used network access method, especially in LANs. It is defined by
the IEEE as 802.3 standard. Normally, Ethernet is a shared media LAN. All stations on the
segment share the total bandwidth, which could be 10Mbps (Ethernet), 100Mbps (Fast
Ethernet), or 1000Mbps (Gigabit Ethernet). With switched Ethernet, each sender and receiver
has the full bandwidth.
Fast Ethernet is defined as IEEE 802.3u standard, a high-speed version of Ethernet with
100Mbps transmission rate.
Firewall
DoS is the acronym for Denial of Service, which refers to the response when a computer or
network is overwhelmed to the point that it can no longer function normally. For example, a
hacker may use a fake IP address to build connections to flood the server they want to attack.
TCP works by sending a SYN packet to the server from the client. After the server receives the
SYN packet, a SYN-ACK is sent back to client. The server will then wait for a response to the
SYN-ACK. If the hacker sends hundreds of SYN packets to a server with a false address, the
server allocates computer and memory resources to establishing a connection - since the server
does not know a legitimate SYN message from a false message. By flooding the server with such
a large volume of requests, the server’s maximum capacity can easily be used by these false
attempts to establish a connection - this is what the firewall is designed to prevent.
SPI is the acronym of Stateful Packet Inspection. The SPI engine examines not just the headers
of the packet, but also the contents, to determine more about the packet than just its source and
destination information. Moreover, stateful inspection firewalls also close off ports until a
connection to the specific port is requested.