Firmware 5.30 für IX78
Additional SIP security functions in 5.30 firmware:
Protection against common SipVicious attacks, general DoS SIP attacks and SIP brute force password guessing has been added.
- On the SIP Switch page, header information to protect against common SipVicious attacks is added in the Incoming Call Blacklist table when upgrading to 5.30.
- On the Security pages, under General settings, SIP flood detection is added. The default values: Trigger levels: Low 5, High 40, Quarantine time 300 seconds are only added after factory default. Add values manually to activate protection!
- On the SIP Advanced page, under Authorized Users, Brute force attack protection is added. The default values: allow 3 authentication attempts within an interval of 30 seconds are only added after factory default. Add values manually to activate protection!
See the help texts in the web GUI for more information!
General note when upgrading to 5.20 or later from earlier firmware:
If you have used IX78 as a wireless access point and have upgraded it to 5.20 you will notice that the wireless transmitter of IX78 is turned off upon the upgrade, and your wireless settings are reset.
To re-establish your wireless connection:
- Delete the IX78 from your PC's "Preferred Wireless Networks" list
- Enter your wireless settings again manually to your IX78's Wireless Settings page, Save permanently and reboot
- Refresh your PC's "Available Wireless Networks" list, select your IX78 and connect to it
The wireless connection is turned off by default as of from now. Performing a factory default will also turn off wireless. To temporarily enable the wireless access - without any encryption - hold the SEL button on the front panel pressed for 10 seconds.
It is highly recommended that you enable encryption (WPA or WPA2) on your wireless connection as soon as possible!
Firmware: 5.30 date: 2010-OCT-19
- Some web GUI pages moved to new Applications menu
- Firewall throughput improved
- SIP related:
- IP blacklisting based on contents of SIP message added
- General SIP DoS flood detection and protection added
- Protection against brute force SIP password guessing attacks added
- WAN SIParator 1 and 2 added to Operational modes
- Better operator selection on Administration page
- Authentication credentials forwarded when b2bua without account is used
- Forward Action and Condition on SIP Switch page improved
- RTCP support added to FXS ports
- Voice metrics (MOS etc) in Call log / CDRs extended and improved
- Additional licensing mechanism for SIP sessions based on set CAC value
- Inhibit hold setting on SIP Advanced page added
- Settings added to SIP Advanced pages to hide Via header
- Settings added to SIP Advanced pages to hide Record-Route
- Several settings added to SIP Trunk pages
- New configuration option for escape characters in username of SIP URI
- Improved handling of forked calls that gets authenticated
- FXS port call waiting (incoming call while busy) timeout set to 25s
- FXS ports compatibility with Telia plus services as Swedish default
- Setting to convert leading +468 to 08 for caller-ID in FXS ports
- Compatibility improvements
- Stability improvements
- DHCP relay support added DHCP Server Advanced page
- Bridge IEEE 802.1D WAN to ET4 added to Network
- Collect debug info now button added to Administration page
- Fingerprints added to certificate viewer page
- RTMP (Macromedia Flash) checkbox added to Security profile page
- Packet size (max payload) added to classifier for extra WAN interfaces
- Remote configuration (web) available on extra WAN interfaces also
- USB read-only access (write protect) selectable
- Logging to USB memory stick added (see help text)
- Automatic selection of SNTP time zone in Europe
- Interface QoS class added to WAN interfaces on Network status page
- IP-TV (multicast) quality during heavy load improved
- TR-069 stability, speed and security improvements
- VPN stability improved
- Web GUI stability improved
- Other minor improvements
Please note that there are two different versions of the code.
78A530__.tar for networks using ADSL Annex A (normal analog telephone line)
78B530__.tar for networks using ADSL Annex B (ISDN telephone line)
Your IX78 hardware must also support the Annex used. (This firmware cannot be used in the IX66, IX67 or IX6