Reference Guide
Security 16-1
CC
CC
hh
hh
aa
aa
pp
pp
tt
tt
ee
ee
rr
rr
11
11
66
66
SS
SS
ee
ee
cc
cc
uu
uu
rr
rr
ii
ii
tt
tt
yy
yy
The Netopia R6000 Series provides a number of security features to help protect its configuration screens and
your local network from unauthorized access. Although these features are optional, it is strongly recommended
that you use them.
This section covers the following topics:
■ “Suggested Security Measures” on page 16-1
■ “User Accounts” on page 16-1
■ “Dial-in Console Access” on page 16-4
■ “RADIUS Client Support” on page 16-5
■ “Enable SmartStart/SmartView/Web Server” on page 16-8
■ “Telnet Access” on page 16-9
■ “About Filters and Filter Sets” on page 16-9
■ “Working with IP Filters and Filter Sets” on page 16-17
■ “IPX Filters” on page 16-27.
■ “Firewall Tutorial” on page 16-35
■ “Filtering on the LAN Interface” on page 16-43
Suggested Security Measures
In addition to setting up user accounts, Telnet access, and filters (all of which are covered later in this chapter),
there are other actions you can take to make the Netopia R6000 Series and your network more secure:
■ Change the SNMP community strings (or passwords). The default community strings are universal and
could easily be known to a potential intruder.
■ Set the answer profile so it must match incoming calls to a connection profile.
■ Leave the Enable Dial-in Console Access option set to No.
■ When using AURP, accept connections only from configured partners.
■ Configure the Netopia R6000 Series through the serial console port to ensure that your communications
cannot be intercepted.
User Accounts
When you first set up and configure the Netopia R6000 Series, no passwords are required to access the
configuration screens. Anyone could tamper with the router’s configuration by simply connecting it to a console.