Panasonic bb-hgw700 User Manual
Operating Instructions
70
Notes
•
If the log output heading is unchecked, a log will not be recorded.
•
In order to improve security, it is necessary to manage your current software and update firmware
as appropriate.
as appropriate.
•
Communication using
global addresses
other than the
allocated global
address is forbidden.
global addresses
other than the
allocated global
address is forbidden.
Display when saving log: GOR
Prohibits communication using global addresses other than the
allocated global address. The allocated global address contains an
IPv6 side WAN address, and IPv6 addresses which have a LAN side
prefix/prefix length. In factory default settings Communication using
global addresses other than the allocated global address is
forbidden and Log Output are both checked.
Prohibits communication using global addresses other than the
allocated global address. The allocated global address contains an
IPv6 side WAN address, and IPv6 addresses which have a LAN side
prefix/prefix length. In factory default settings Communication using
global addresses other than the allocated global address is
forbidden and Log Output are both checked.
IPv6 Stealth Mode
•
•
Stealth Mode can
hide this product from
WAN (Internet) side
IPv6 network.
hide this product from
WAN (Internet) side
IPv6 network.
Display when saving log: STL
It is possible to set this product to not respond to IPv6 Pings etc.
from the WAN (Internet) side. Therefore it can escape the attacker's
existence verification produced by IPv6 Pings etc. It will also not
respond to UDP/TCP port scans. In factory default settings Stealth
Mode can hide this product from WAN (Internet) side IPv6 network
and Log Output are both checked.
It is possible to set this product to not respond to IPv6 Pings etc.
from the WAN (Internet) side. Therefore it can escape the attacker's
existence verification produced by IPv6 Pings etc. It will also not
respond to UDP/TCP port scans. In factory default settings Stealth
Mode can hide this product from WAN (Internet) side IPv6 network
and Log Output are both checked.
•
Regard Ident packet
as an exception
as an exception
Display when saving log: STL (Ident)
When clients try to send/receive E-mail, There is E-mail server that
authenticates E-mails to/from clients. This authentication uses
recognition protocol, which uses TCP port number 113. The
authentication level is relatively low so there are not many cases
where clients are unable to send /receive E-mails. In factory default
settings Regard Ident packet as an exception and Log Output are
both checked.
When clients try to send/receive E-mail, There is E-mail server that
authenticates E-mails to/from clients. This authentication uses
recognition protocol, which uses TCP port number 113. The
authentication level is relatively low so there are not many cases
where clients are unable to send /receive E-mails. In factory default
settings Regard Ident packet as an exception and Log Output are
both checked.
IPv6 Intrusion
Detection
Detection
When using the intrusion detection function, check the box next to
each heading.
each heading.
•
IPv6 Stateful packet
inspection (Dynamic
packet filtering) is
enabled.
inspection (Dynamic
packet filtering) is
enabled.
Display when saving log: SPI
If a packet being received from the WAN side is inspected, and
judged to be a corrupt packet, it is destroyed. By comparing the
packet to static filtering (packet filtering through header information),
Internet data can be sent more safely. In factory default settings IPv6
Stateful packet inspection (Dynamic packet filtering) is enabled and
Log Output are both checked.
If a packet being received from the WAN side is inspected, and
judged to be a corrupt packet, it is destroyed. By comparing the
packet to static filtering (packet filtering through header information),
Internet data can be sent more safely. In factory default settings IPv6
Stateful packet inspection (Dynamic packet filtering) is enabled and
Log Output are both checked.
•
IPv6 Attack Detection
is enabled.
is enabled.
Display when saving log: DoS
Harmful data from the WAN side is detected, and the packet is
destroyed. A detection record is noted in the log.
The following types of attacks can be detected:
•
Harmful data from the WAN side is detected, and the packet is
destroyed. A detection record is noted in the log.
The following types of attacks can be detected:
•
TCP Scan
•
UDP Scan
•
ICMP Echo