beautypg.com

1 icmp vulnerability, 2 illegal commands (netbios and smtp), Figure 83 smurf attack – ZyXEL Communications P-660HW-D Series User Manual

Page 148

background image

P-660HW-D Series User’s Guide

147

Chapter 9 Firewalls

Figure 83 Smurf Attack

9.4.2.1 ICMP Vulnerability

ICMP is an error-reporting protocol that works in concert with IP. The following ICMP types
trigger an alert:

9.4.2.2 Illegal Commands (NetBIOS and SMTP)

The only legal NetBIOS commands are the following - all others are illegal.

All SMTP commands are illegal except for those displayed in the following tables.

Table 53 ICMP Commands That Trigger Alerts

5

REDIRECT

13

TIMESTAMP_REQUEST

14

TIMESTAMP_REPLY

17

ADDRESS_MASK_REQUEST

18

ADDRESS_MASK_REPLY

Table 54 Legal NetBIOS Commands

MESSAGE:

REQUEST:

POSITIVE:

VE:

RETARGET:

KEEPALIVE:

Table 55 Legal SMTP Commands

AUTH

DATA

EHLO

ETRN

EXPN

HELO

HELP

MAIL

NOOP

QUIT

RCPT

RSET

SAML

SEND

SOML

TURN

VRFY

See also other documents in the category ZyXEL Communications Hardware: