Cisco ASA 5505 User Manual

57-5

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 57 Using Protection Tools

Configuring IP Audit for Basic IPS Support

1103

400009

IP Overlapping Fragments (Teardrop) Attack

Triggers when two fragments contained
within the same IP datagram have offsets that
indicate that they share positioning within the
datagram. This could mean that fragment A is
being completely overwritten by fragment B,
or that fragment A is partially being
overwritten by fragment B. Some operating
systems do not properly handle fragments that
overlap in this manner and may throw
exceptions or behave in other undesirable
ways upon receipt of overlapping fragments,
which is how the Teardrop attack works to
create a DoS.

2000

400010

ICMP Echo Reply

Informational

Triggers when a IP datagram is received with
the protocol field of the IP header set to 1
(ICMP) and the type field in the ICMP header
set to 0 (Echo Reply).

2001

400011

ICMP Host Unreachable

Informational

Triggers when an IP datagram is received
with the protocol field of the IP header set to
1 (ICMP) and the type field in the ICMP
header set to 3 (Host Unreachable).

2002

400012

ICMP Source Quench

Informational

Triggers when an IP datagram is received
with the protocol field of the IP header set to
1 (ICMP) and the type field in the ICMP
header set to 4 (Source Quench).

2003

400013

ICMP Redirect

Informational

Triggers when a IP datagram is received with
the protocol field of the IP header set to 1
(ICMP) and the type field in the ICMP header
set to 5 (Redirect).

2004

400014

ICMP Echo Request

Informational

Triggers when a IP datagram is received with
the protocol field of the IP header set to 1
(ICMP) and the type field in the ICMP header
set to 8 (Echo Request).

2005

400015

ICMP Time Exceeded for a Datagram Informational

Triggers when a IP datagram is received with
the protocol field of the IP header set to 1
(ICMP) and the type field in the ICMP header
set to 11(Time Exceeded for a Datagram).

2006

400016

ICMP Parameter Problem on
Datagram

Informational

Triggers when a IP datagram is received with
the protocol field of the IP header set to 1
(ICMP) and the type field in the ICMP header
set to 12 (Parameter Problem on Datagram).

2007

400017

ICMP Timestamp Request

Informational

Triggers when a IP datagram is received with
the protocol field of the IP header set to 1
(ICMP) and the type field in the ICMP header
set to 13 (Timestamp Request).

Table 57-1

Signature IDs and System Message Numbers (continued)

Signature
ID

Message
Number

Signature Title

Signature Type Description