1 icmp vulnerability, 2 illegal commands (netbios and smtp), Figure 101 smurf attack – ZyXEL Communications P-2602HW(L) Series User Manual
Page 186

P-2602H(W)(L)-DxA Series User’s Guide
186
Chapter 13 Firewalls
Figure 101 Smurf Attack
13.4.2.1 ICMP Vulnerability
ICMP is an error-reporting protocol that works in concert with IP. The following ICMP types
trigger an alert:
13.4.2.2 Illegal Commands (NetBIOS and SMTP)
The only legal NetBIOS commands are the following - all others are illegal.
All SMTP commands are illegal except for those displayed in the following tables.
Table 67 ICMP Commands That Trigger Alerts
5
REDIRECT
13
TIMESTAMP_REQUEST
14
TIMESTAMP_REPLY
17
ADDRESS_MASK_REQUEST
18
ADDRESS_MASK_REPLY
Table 68 Legal NetBIOS Commands
MESSAGE:
REQUEST:
POSITIVE:
VE:
RETARGET:
KEEPALIVE:
Table 69 Legal SMTP Commands
AUTH
DATA
EHLO
ETRN
EXPN
HELO
HELP
NOOP
QUIT
RCPT
RSET
SAML
SEND
SOML
TURN
VRFY
This manual is related to the following products: