ZyXEL p-2302hw-p1 Manual Do Utilizador

P-2302HW/HWL-P1 Series User’s Guide

190

Chapter 14 Firewall

The LAN (Local Area Network) port attaches to a network of computers, which needs security 
from the outside world. These computers will have access to Internet services such as e-mail, 
FTP and the World Wide Web.  However, "inbound access" is not allowed (by default) unless 
the remote host is authorized to use a specific service.

1 Change the default password via web configurator.

2 Think about access control before you connect to the network in any way, including 

attaching a modem to the port.

3 Limit who can access your router.

4 Don't enable any local service (such as telnet or FTP) that you don't use. Any enabled 

service could present a potential security risk. A determined hacker might be able to find 
creative ways to misuse the enabled services to access the firewall or the network.

5 For local services that are enabled, protect against misuse. Protect by configuring the 

services to communicate only with specific peers, and protect by configuring rules to 
block packets for the services at specific interfaces.

6 Protect against IP spoofing by making sure the firewall is active.

7 Keep the firewall in a secured (locked) room.

Figure 102   Firewall Rule Directions

LAN-to-WAN rules are local network to Internet firewall rules. The default is to forward all 
traffic from your local network to the Internet. 

You can block certain LAN-to-WAN traffic in the Services screen (click the Services tab). All 
services displayed in the Blocked Services list box are LAN-to-WAN firewall rules that block 
those services originating from the LAN.