Differences

This shows you the differences between two versions of the page.

web_gui:security_profile [2010/11/18 13:46]
tibor
web_gui:security_profile [2011/06/23 10:31] (current)
mats
Line 9: Line 9:
The main groups of settings controlling the firewall are: The main groups of settings controlling the firewall are:
 +
 +{{ :web_gui:security_profile.png?300|Security profile in rel 5.30}}
===== Allowed applications ===== ===== Allowed applications =====
Line 20: Line 22:
:!: Extreme security risk! Answering to ping-requests from Internet reveals your presence for attacks, e.g. "flood-pinging". [[wp>Ping]] :!: Extreme security risk! Answering to ping-requests from Internet reveals your presence for attacks, e.g. "flood-pinging". [[wp>Ping]]
-**SIP** Check box if you want the [[sip:start|SIP]] functionality to be allowed through.+**SIP** Check box if you want the [[sip:start|SIP]] functionality to be allowed through /answered. The IP address field could be filled in to allow only some IP addresses to send SIP traffic to the unit. Several IP addresses could be entered by using comma sign, dash or subnet notation.\\ 
 +Example: "1.2.3.4 - 1.2.3.8, 5.5.5.5, 6.7.8.9/24"
-**Remote configuration Web/Telnet/SNMP** Check box(es) if you want the configuration web interface (these pages), the command line interface (Telnet with port 57) or the SNMP server resp. to be accessible from the Internet. Choose if you want to use http (with port 66), https (with port 78), or both of them, when accessing the web pages from outside.+**Remote configuration Web/Telnet/SNMP** Check box(es) if you want the configuration web interface (these pages), the command line interface (Telnet with port 57) or the SNMP server resp. to be accessible from the Internet. The IP address/mask fields could be filled in to allow only one or a few IP addresses to access the configuration. Choose if you want to use http (with port 66), https (with port 78), or both of them, when accessing the web pages from outside.
(:!: Security risk!) [[wp>Telnet]] [[wp>SNMP]] (:!: Security risk!) [[wp>Telnet]] [[wp>SNMP]]
Line 115: Line 118:
**Block sites** Enter a list of sites (comma separated) users should not be able to access. Compares the hostname part of the URL - the part before the first "/". Do not include the starting "www." part. Sites with their full name matching are blocked. If you do not specify the top-level domain all domains are denied.\\ **Block sites** Enter a list of sites (comma separated) users should not be able to access. Compares the hostname part of the URL - the part before the first "/". Do not include the starting "www." part. Sites with their full name matching are blocked. If you do not specify the top-level domain all domains are denied.\\
-Example: "youtube.com,google" stops access to www.youtube.com, google.com, and google.co.uk, but allows youtube.co.uk, googlefight.com and en.wikipedia.org/wiki/google+Example: "youtube.com,google" stops access to %%www.youtube.com, google.com, and google.co.uk, but allows youtube.co.uk, googlefight.com and en.wikipedia.org/wiki/google%%
-**Block IP numbers** Block use of IP address in URL (eg http://213.136.58.99)+**Block IP numbers** Block use of IP address in URL (eg %%http://213.136.58.99%%)
**Block filetypes** Enter a list of file extensions (comma separated) users should not be able to download. Compares the path part of the URL - the part after the first "/". Include the starting dot. File types exactly matching the extensions are blocked.\\ **Block filetypes** Enter a list of file extensions (comma separated) users should not be able to download. Compares the path part of the URL - the part after the first "/". Include the starting dot. File types exactly matching the extensions are blocked.\\
web_gui/security_profile.1290084387.txt.gz · Last modified: 2010/11/18 13:46 by tibor
CC Attribution-Noncommercial-Share Alike 3.0 Unported
www.chimeric.de Valid CSS Driven by DokuWiki do yourself a favour and use a real browser - get firefox!! Recent changes RSS feed Valid XHTML 1.0