Filters: Here you can filter out 5 LAN IP addresses from accessing the DHCP server (therefore deactivating Internet Access on any of the client machines on your LAN). This is a good way to stop that employee who keeps abusing his work access and playing Q3... hey - wait a minute!......;-)
Forwarding: You can use this menu to forward any service (Port) to any IP (system) on your LAN. If you are (for example) running a FTP Server on one of your systems, you will need to forward Service (Port) 21 to the IP address of the FTP server (so that all requests coming through on port 21 get forwarded to that machine). Of course, as we've mentioned the downside to this is: 1. you can't specify UDP or TCP 2. you are limited to only 10 fields currently
Dynamic Routing: Basically this is menu specifies the role of the Router. Use this menu to specify if your Router is to be Gateway (Sole DHCP Server) or Router (Client with other Routers) You can also specify the Routing Protocols here.
Static Routing: This is only used if there are multiple Routers on your LAN. The static routing function determines the path that data follows over your network before and after it passes through your Router.
DMZ: Here you can place a PC on your LAN in DMZ mode. You specify the IP of a client PC on your LAN that you want to be in the DMZ mode. This basically takes a PC off the Firewall protection of the Router. If you do this: that PC will now be 'unprotected', but all ports are able to freely send and receive on the Internet. This is needed for things like Video Conferencing, Some ICQ Activities, Napster, FTP or HTTP Servers etc.. Basically things that require one or more non-standard ports opened. Again the downside is: you can only set one PC in the DMZ...
Note: Remember the PC you put in the DMZ is no longer protected by the Firewall
The Firewall is a Hardware-Based "Port Closer". A primary feature of this is that the Router will not respond to unsolicited requests from the Internet. A severe downside to this is, there is no way for a user to configure any aspect of the Firewall (we didn't like this 'feature'). With Software Firewalls you can usually open or close any UDP or TCP Port, and configure it's level of security. With this Router, you can't configure the Firewall at all! You only have the option of forwarding ports, or placing a single PC in DMZ mode.
Linksys: if you're listening PUT FIREWALL CONTROL ON YOUR FIRMWARE UPDATE "WISH LIST"!
If you need to place a system in your LAN into DMZ mode, you only have to input a PC's IP in the DMZ section of the Advanced Options. Then, that system will no longer be protected by the Router's Firewall. This feature will allow you to run special applications like a FTP server or Netmeeting. It may also be a necessary feature for many other 'needs' such as transferring files through ICQ or running a Game Server.
We have word straight from Linksys that multiple DMZ support is on the new firmware "wish list". Let's hope it becomes a reality!
In the Advanced Options you can also forward a Service (no you can't select UDP or TCP it does both by default) to any of your client PC's. What this does is forward the incoming traffic from that port directly to the assigned PC. The downside? You only have 10 fields for forwarding entries! :(
But, the Linksys Router's Firewall protection is quite delicious! It will lay the Smack down on de' hackers!
We stopped by Steve Gibson's place for a little check-out with Shields Up!
Well - no stealth, but I'll take it! Who cares if hackers can still se your ports as long as they're closed.
Finally we headed over to Secure-Me's web-site (non-existent anymore) for another try: as you can see the Linksys router got a perfect '0' score on this test.
Well, apparently security is not an issue! We're locked up tighter than Bill Gate's wallet!