beautypg.com

Figure 81 smurf attack, 1 icmp vulnerability, 2 illegal commands (netbios and smtp) – ZyXEL Communications P-661H Series User Manual

Page 150

background image

P-661H/HW Series User’s Guide

150

Chapter 8 Firewalls

Figure 81 Smurf Attack

8.4.2.1 ICMP Vulnerability

ICMP is an error-reporting protocol that works in concert with IP. The following ICMP types
trigger an alert:

8.4.2.2 Illegal Commands (NetBIOS and SMTP)

The only legal NetBIOS commands are the following - all others are illegal.

All SMTP commands are illegal except for those displayed in the following tables.

Table 57 ICMP Commands That Trigger Alerts

5

REDIRECT

13

TIMESTAMP_REQUEST

14

TIMESTAMP_REPLY

17

ADDRESS_MASK_REQUEST

18

ADDRESS_MASK_REPLY

Table 58 Legal NetBIOS Commands

MESSAGE:

REQUEST:

POSITIVE:

VE:

RETARGET:

KEEPALIVE:

Table 59 Legal SMTP Commands

AUTH

DATA

EHLO

ETRN

EXPN

HELO

HELP

MAIL

NOOP

QUIT

RCPT

RSET

SAML

SEND

SOML

TURN

VRFY

This manual is related to the following products:
See also other documents in the category ZyXEL Communications Hardware: