Figure 81 smurf attack, 1 icmp vulnerability, 2 illegal commands (netbios and smtp) – ZyXEL Communications P-661H Series User Manual

Page 150

Advertising
background image

P-661H/HW Series User’s Guide

150

Chapter 8 Firewalls

Figure 81 Smurf Attack

8.4.2.1 ICMP Vulnerability

ICMP is an error-reporting protocol that works in concert with IP. The following ICMP types
trigger an alert:

8.4.2.2 Illegal Commands (NetBIOS and SMTP)

The only legal NetBIOS commands are the following - all others are illegal.

All SMTP commands are illegal except for those displayed in the following tables.

Table 57 ICMP Commands That Trigger Alerts

5

REDIRECT

13

TIMESTAMP_REQUEST

14

TIMESTAMP_REPLY

17

ADDRESS_MASK_REQUEST

18

ADDRESS_MASK_REPLY

Table 58 Legal NetBIOS Commands

MESSAGE:

REQUEST:

POSITIVE:

VE:

RETARGET:

KEEPALIVE:

Table 59 Legal SMTP Commands

AUTH

DATA

EHLO

ETRN

EXPN

HELO

HELP

MAIL

NOOP

QUIT

RCPT

RSET

SAML

SEND

SOML

TURN

VRFY

Advertising
This manual is related to the following products:
See also other documents in the category ZyXEL Communications Hardware: