User's Guide
Table Of Contents
- 1 Package Contents
- 2 Introduction to the Interface
- 3 Connecting and Configuring the MPC8377EWLAN Wireless Router
- 3.1 Connecting the MPC8377EWLAN Wireless Router (Wired Computing)
- 3.2 Connecting the MPC8377EWLAN Wireless Router (Wireless Computing)
- 3.3 Setting Up the IP Address
- 3.4 Configuring the MCP8377EWLAN Wireless Router
- 3.5 Changing the Operation Mode
- 3.6 Selecting DynDNS Settings
- 3.7 Firewalls
- 4 Selecting or Changing System Items
- 5 Status
- 6 VPN
- 7 Managing Storage, Samba, and File Editing in NAS
- 8 Intrusion Detection Systems
- 9 Intrusion Prevention Systems
- 10 Logout
MPC8377EWLAN Wireless Router SW User’s Guide 68
Figure 8-2. IDS, Snort
8.1.1 Snort
Snort detects thousands of worms, vulnerability exploit attempts, port scans, and other suspicious
behavior through protocol analysis, content searching, and various pre-processors. Snort uses a flexible
rule-based language to describe traffic that it should collect or pass a modular detection engine. Perform
the following steps as shown in Figure 8-2:
1. Under Snort section, in the Snort, click Enable to turn on the IDS function.
2. From the Interface Name drop-down list, select eth0 (WAN port).
3. In the Send Log by syslog, click Enable.
8.1.2 Snort Rules
The snort rules define the detect type. Perform the following steps to set snort rules.
1. Under Snort Rules section in the Port Scan Detection, click Enable.
2. In the DoS Detection, click Enable.
3. In the DDos Scan, click Enable.
4. In the Bad-traffic, click Enable.
5. In the FTP, click Enable.
6. In the Telnet, click Enable.
7. In the Netbios, click Enable.
8.2 Alert (IDS Alert Event)
Click Alert. Figure 8-3 shows a log of intrusion alerts.