Firewall Settings Flashcards
What is UPnP?
Universal Plug and Play is a protocol that enables devices to add themselves dynamically to a network without need for user intervention and configuration.
It is convenient but insecure.
It ahs no method for authenticating devices. It also has numerous security vulnerabilities.
For example, malware can redirect traffic, sending sensitive information to a hacker.
Many home and small businesses have this enabled by default. Hence you should disable it.
What is DMZ?
Demilitarized Zone is a network that provides services to an untrusted network.
An email, web, or FTP server is often placed into the DMZ so that the traffic using the server does not come inside the local network. This protects the internal network from attacks by this traffic but does not protect the servers in the DMZ in any way. It is common for a firewall to manage traffic to and from the DMZ.
How can a DMZ be configured on a wireless router?
On a wireless router, you can create a DMZ for one device by forwarding all traffic ports from the internet to a specific IP address or MAC address. A server, game machine, or web camera can be in the DMZ so that the device can be accessed by anyone.
What is port forwarding?
Hardware firewalls can be used to block TCP and UDP ports to prevent unauthorized access in and out of a LAN. However, there are situations when specific ports must be opened so that certain programs and applications can communicate with devices on different networks. Port forwarding is a rule-based method of directing traffic between devices on separate networks.
When traffic reaches the router, the router determines if the traffic should be forwarded to a certain device based on the port number found with the traffic. Port numbers are associated with specific services, such as FTP, HTTP, HTTPS, and POP3. The rules determine which traffic is sent on to the LAN. For example, a router might be configured to forward port 80, which is associated with HTTP. When the router receives a packet with the destination port of 80, the router forwards the traffic to the server inside the network that serves web pages.
What is MAC address filtering?
MAC address filtering is the process of deciding which MAC addresses are allowed on your network or blocked from sending data on your network.
Many wireless routers only give you the option of allowing or blocking MAC addresses, but not both. Technicians will typically configure allowed MAC addresses. The MAC address for your Windows computer can be found with the ipconfig /all command.