1. Log in to the broadband cat
There are many ways to log in to broadband cats. In order to facilitate the article explanation, we log in here using the WYSIWYG WYG WEB management method.
Open IE browser, enter the IP of Broadband Cat in the address bar and press Enter. The login box shown appears, enter the user name and password and click the "OK" button. At this time, we can see the configuration interface of the broadband cat.
Tip: The IP of the broadband cat can be entered in accordance with the instructions!
2. Configure a firewall
Click to expand the "Services" list and select the "Firewall" command item. At this time, we can see the detailed configuration items of the firewall on the right side of the window. Below we will introduce the various configurations of the firewall to readers.
Blacklist
At the top is the "Blacklist Status" setting, that is, whether to enable the blacklist filtering status of broadband cats. "Enable" is enabled and "Disable" is disabled. It is recommended to enable this item. In addition, there is a blacklist period (minutes), which means that the IP address of the computer specified within the specified time (in minutes) will be in the blacklist state.
Attack protection
The purpose of starting the firewall is to prevent other people's attacks. Therefore, the "Attack Protection" option is of course set to "Enable", so that the firewall protection function of broadband cats can be enabled; and for "DOS Protection", it is also recommended to select "Enable", which can enable the service protection function for various DOS attacks. It is recommended to select it.
Max Connection
Here, there are three options: "Max semi-open TCP connection", "Max ICMP connection" and "Max single host connection". Among them, "Max half-open TCP connection" is used to set the percentage of the current IP connection open in the incomplete open state. TCP connections may exhaust all available IP connections when incomplete open state. If the percentage exceeds the value set here, the incomplete open connection will be closed and a new connection will replace it; "Max ICMP connection" is the percentage of the current number of connections set to manage the transmission of ICMP packets. If the percentage exceeds the set value at this time, the new connection will replace the old connection and start transmitting data; the last "Max Single Host Connection" is mainly used to set the percentage of a single computer that can use the current IP connection. When setting this percentage, consider the number of computers in the LAN.
Log Target
The log target is mainly used to set the location of the recording of the firewall attack events. The "Trace" option means sending to the system, that is, saving it in the cat; the "Email" option means sending the record to the specified administrator mailbox. It is recommended to select this item. The E-mail ID of Admin 1(/2/3) below is used to set the administrator's mailbox address. It is mainly used to receive reports of firewall being attacked. The specific contents of the report include "attack time", "the source IP address of the computer that was conducting the attack", "the target IP address", "the protocol used", etc.
According to the above instructions, after selecting and configuring each project, click the "Submit" button to save the configuration information.
3. Reconcile those who make trouble and put them on the blacklist
If you often go online, there are no one who doesn’t get wet. When you are on the Internet, you will have attacks. It is natural to pick up troublemakers and blacklist them. When the broadband cat's firewall system confirms that a packet has an attack or is in line with the IP filtering rules, the firewall will automatically block the source IP address of such packets for a period of time set by the previous "blacklist period (cycle)".
Click the "Blacklist" button at the bottom of the "Firewall Settings" page and the corresponding page will pop up, from which we can see the detailed information of the troublemaker.
The "host IP address" is the IP address of the computer that issued the attack packet; the "Reason" is a brief description of the attack type; the "IPF rule ID" If the packet violates the IP filtering rules, then the ID number of the rule is displayed in this box. If the user wants the blacklist to unblock before it automatically unblocks and wants to delete the entries in the list, then he can operate in the "Operation" column.
How to use such a simple configuration, do you feel much more at ease? In fact, many of our ADSL Modem have such functions. As long as they are configured simply, they will be much safer when surfing the Internet.
There are many ways to log in to broadband cats. In order to facilitate the article explanation, we log in here using the WYSIWYG WYG WEB management method.
Open IE browser, enter the IP of Broadband Cat in the address bar and press Enter. The login box shown appears, enter the user name and password and click the "OK" button. At this time, we can see the configuration interface of the broadband cat.
Tip: The IP of the broadband cat can be entered in accordance with the instructions!
2. Configure a firewall
Click to expand the "Services" list and select the "Firewall" command item. At this time, we can see the detailed configuration items of the firewall on the right side of the window. Below we will introduce the various configurations of the firewall to readers.
Blacklist
At the top is the "Blacklist Status" setting, that is, whether to enable the blacklist filtering status of broadband cats. "Enable" is enabled and "Disable" is disabled. It is recommended to enable this item. In addition, there is a blacklist period (minutes), which means that the IP address of the computer specified within the specified time (in minutes) will be in the blacklist state.
Attack protection
The purpose of starting the firewall is to prevent other people's attacks. Therefore, the "Attack Protection" option is of course set to "Enable", so that the firewall protection function of broadband cats can be enabled; and for "DOS Protection", it is also recommended to select "Enable", which can enable the service protection function for various DOS attacks. It is recommended to select it.
Max Connection
Here, there are three options: "Max semi-open TCP connection", "Max ICMP connection" and "Max single host connection". Among them, "Max half-open TCP connection" is used to set the percentage of the current IP connection open in the incomplete open state. TCP connections may exhaust all available IP connections when incomplete open state. If the percentage exceeds the value set here, the incomplete open connection will be closed and a new connection will replace it; "Max ICMP connection" is the percentage of the current number of connections set to manage the transmission of ICMP packets. If the percentage exceeds the set value at this time, the new connection will replace the old connection and start transmitting data; the last "Max Single Host Connection" is mainly used to set the percentage of a single computer that can use the current IP connection. When setting this percentage, consider the number of computers in the LAN.
Log Target
The log target is mainly used to set the location of the recording of the firewall attack events. The "Trace" option means sending to the system, that is, saving it in the cat; the "Email" option means sending the record to the specified administrator mailbox. It is recommended to select this item. The E-mail ID of Admin 1(/2/3) below is used to set the administrator's mailbox address. It is mainly used to receive reports of firewall being attacked. The specific contents of the report include "attack time", "the source IP address of the computer that was conducting the attack", "the target IP address", "the protocol used", etc.
According to the above instructions, after selecting and configuring each project, click the "Submit" button to save the configuration information.
3. Reconcile those who make trouble and put them on the blacklist
If you often go online, there are no one who doesn’t get wet. When you are on the Internet, you will have attacks. It is natural to pick up troublemakers and blacklist them. When the broadband cat's firewall system confirms that a packet has an attack or is in line with the IP filtering rules, the firewall will automatically block the source IP address of such packets for a period of time set by the previous "blacklist period (cycle)".
Click the "Blacklist" button at the bottom of the "Firewall Settings" page and the corresponding page will pop up, from which we can see the detailed information of the troublemaker.
The "host IP address" is the IP address of the computer that issued the attack packet; the "Reason" is a brief description of the attack type; the "IPF rule ID" If the packet violates the IP filtering rules, then the ID number of the rule is displayed in this box. If the user wants the blacklist to unblock before it automatically unblocks and wants to delete the entries in the list, then he can operate in the "Operation" column.
How to use such a simple configuration, do you feel much more at ease? In fact, many of our ADSL Modem have such functions. As long as they are configured simply, they will be much safer when surfing the Internet.