beautypg.com

Cisco ASA 5505 User Manual

Page 1212

background image

57-6

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 57 Using Protection Tools

Configuring IP Audit for Basic IPS Support

2008

400018

ICMP Timestamp Reply

Informational

Triggers when a IP datagram is received with
the protocol field of the IP header set to 1
(ICMP) and the type field in the ICMP header
set to 14 (Timestamp Reply).

2009

400019

ICMP Information Request

Informational

Triggers when a IP datagram is received with
the protocol field of the IP header set to 1
(ICMP) and the type field in the ICMP header
set to 15 (Information Request).

2010

400020

ICMP Information Reply

Informational

Triggers when a IP datagram is received with
the protocol field of the IP header set to 1
(ICMP) and the type field in the ICMP header
set to 16 (ICMP Information Reply).

2011

400021

ICMP Address Mask Request

Informational

Triggers when a IP datagram is received with
the protocol field of the IP header set to 1
(ICMP) and the type field in the ICMP header
set to 17 (Address Mask Request).

2012

400022

ICMP Address Mask Reply

Informational

Triggers when a IP datagram is received with
the protocol field of the IP header set to 1
(ICMP) and the type field in the ICMP header
set to 18 (Address Mask Reply).

2150

400023

Fragmented ICMP Traffic

Attack

Triggers when a IP datagram is received with
the protocol field of the IP header set to 1
(ICMP) and either the more fragments flag is
set to 1 (ICMP) or there is an offset indicated
in the offset field.

2151

400024

Large ICMP Traffic

Attack

Triggers when a IP datagram is received with
the protocol field of the IP header set to
1(ICMP) and the IP length > 1024.

2154

400025

Ping of Death Attack

Attack

Triggers when a IP datagram is received with
the protocol field of the IP header set to
1(ICMP), the Last Fragment bit is set, and (IP
offset * 8) + (IP data length) > 65535 that is
to say, the IP offset (which represents the
starting position of this fragment in the
original packet, and which is in 8 byte units)
plus the rest of the packet is greater than the
maximum size for an IP packet.

3040

400026

TCP NULL flags

Attack

Triggers when a single TCP packet with none
of the SYN, FIN, ACK, or RST flags set has
been sent to a specific host.

3041

400027

TCP SYN+FIN flags

Attack

Triggers when a single TCP packet with the
SYN and FIN flags are set and is sent to a
specific host.

Table 57-1

Signature IDs and System Message Numbers (continued)

Signature
ID

Message
Number

Signature Title

Signature Type Description

This manual is related to the following products:
See also other documents in the category Cisco Hardware: