Patton electronic 3241 Modem User Manual


 
Model 3201 G.SHDSL Integrated Access Device User Guide 6 • Security
After configuring the FTP portfilter, you can open an ftp session from Remote to Local and issue
ftp commands (e.g., login, cd, etc.), but you cannot transfer data (e.g., ls, dir, get, put commands). The portfilter allows the
ftp control channel but does not allow the secondary data channel that ftp uses for passing data.
To enable the ftp data channel, add a trigger which opens a secondary channel only when data is being
passed. This avoids having to leave a range of ports permanently open, which would be a security risk.
1. From the Configuration Menu, go to Configuration > Security > Firewall Trigger Configuration > New Trigger.
2. Set the parameters as follows:
Transport Type = tcp
Port Number Start = 21
Port Number End = 21
Allow Multiple Hosts = Block
Max Activity Interval = 3000
Enable Session Chaining = Block
Enable UDP Session Chaining = Block
Binary Address Replacement = Block
Address Translation Type = none
3. Click on Apply.
You should now be able to use ftp commands to pass data between Remote and Local.
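The following Python sketch models what the trigger does with the ftp control channel. It is an added example, not Patton code or the device's firmware logic. The class name FtpTrigger, the sample addresses, the abstract time units for Max Activity Interval, and the reading of Allow Multiple Hosts = Block as "the announced address must be the sender's own" are all assumptions made for illustration.

```python
import re

# h1,h2,h3,h4,p1,p2 as carried by the PORT command and the 227 reply (RFC 959).
HOSTPORT = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")

def parse_data_endpoint(line):
    """Return (ip, port) announced by a PORT command or 227 reply, else None."""
    if not (line.upper().startswith("PORT ") or line.startswith("227 ")):
        return None
    m = HOSTPORT.search(line)
    if m is None:
        return None
    n = [int(x) for x in m.groups()]
    if any(v > 255 for v in n):
        return None
    return ".".join(map(str, n[:4])), n[4] * 256 + n[5]

class FtpTrigger:
    """Toy model of a trigger on TCP port 21 (hypothetical, not device code)."""
    def __init__(self, max_idle=3000, allow_multiple_hosts=False):
        self.max_idle = max_idle              # abstract time units (assumption)
        self.allow_multiple_hosts = allow_multiple_hosts
        self.pinholes = {}                    # (ip, port) -> time last used

    def on_control_line(self, sender_ip, line, now):
        """Open a pinhole if this control-channel line names a data endpoint."""
        ep = parse_data_endpoint(line)
        # Assumption: with multiple hosts blocked, the sender may only name itself.
        if ep is None or (not self.allow_multiple_hosts and ep[0] != sender_ip):
            return None
        self.pinholes[ep] = now
        return ep

    def permits(self, ip, port, now):
        """Is a new data connection to ip:port allowed at time now?"""
        last = self.pinholes.get((ip, port))
        if last is None or now - last > self.max_idle:
            self.pinholes.pop((ip, port), None)   # unknown or idle too long
            return False
        self.pinholes[(ip, port)] = now
        return True

if __name__ == "__main__":
    # Constructed control-channel lines; addresses are documentation ranges.
    fw = FtpTrigger()
    print(fw.on_control_line("198.51.100.7", "PORT 198,51,100,7,195,80\r\n", 0))
    print(fw.permits("198.51.100.7", 50000, 10), fw.permits("198.51.100.7", 50001, 10))
    print(fw.on_control_line("192.0.2.10", "227 Entering Passive Mode (192,0,2,10,19,137)", 20))
    print(fw.on_control_line("198.51.100.7", "PORT 203,0,113,5,195,80", 30))
```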
Intrusion Detection System (IDS)
The security feature in the 3201 Router modem provides protection from a number of attacks. Some attacks
cause a host to be blacklisted (i.e., no traffic from that host is accepted under any circumstances) for a period of
time. Other attacks are simply logged. The following table summarizes the attacks detected.
Table 4:
Attack Name     Protocol    Attacking Host Blacklisted?
Ascend Kill     UDP         yes
Echo/Chargen    UDP         no
Echo Scan       UDP         yes