1 icmp vulnerability, 2 illegal commands (netbios and smtp), Figure 75 smurf attack – ZyXEL Communications P-2602R-DxA Series User Manual
Page 154

P-2602R/RL-DxA Series User’s Guide
154
Chapter 12 Firewalls
Figure 75 Smurf Attack
12.4.2.1 ICMP Vulnerability
ICMP is an error-reporting protocol that works in concert with IP. The following ICMP types
trigger an alert:
12.4.2.2 Illegal Commands (NetBIOS and SMTP)
The only legal NetBIOS commands are the following - all others are illegal.
All SMTP commands are illegal except for those displayed in the following tables.
Table 51 ICMP Commands That Trigger Alerts
5
REDIRECT
13
TIMESTAMP_REQUEST
14
TIMESTAMP_REPLY
17
ADDRESS_MASK_REQUEST
18
ADDRESS_MASK_REPLY
Table 52 Legal NetBIOS Commands
MESSAGE:
REQUEST:
POSITIVE:
VE:
RETARGET:
KEEPALIVE:
Table 53 Legal SMTP Commands
AUTH
DATA
EHLO
ETRN
EXPN
HELO
HELP
NOOP
QUIT
RCPT
RSET
SAML
SEND
SOML
TURN
VRFY
This manual is related to the following products: