Packet inspection configuration example, Network requirements, Configuration procedure – H3C Technologies H3C SecPath F1000-E User Manual

3

Item

Description

Enable WinNuke Attack Detection

Enable or disable detection of WinNuke attacks.

Enable TCP Flag Attack Detection

Enable or disable detection of TCP flag attacks.

Enable ICMP Unreachable Packet Attack Detection

Enable or disable detection of ICMP unreachable
attacks.

Enable ICMP Redirect Packet Attack Detection

Enable or disable detection of ICMP redirect attacks.

Enable Tracert Packet Attack Detection

Enable or disable detection of Tracert attacks.

Enable Smurf Attack Detection

Enable or disable detection of Smurf attacks.

Enable IP Packet Carrying Source Route Attack
Detection

Enable or disable detection of source route attacks.

Enable Route Record Option Attack Detection

Enable or disable detection of route record attacks.

Enable Large ICMP Packet Attack Detection

Max Packet Length

Enable detection of large ICMP attacks and set the
packet length limit, or disable detection of such

attacks.

Packet Inspection Configuration Example

Network requirements

As shown in

Figure 2

, the internal network is the trusted zone and the external network is the untrusted

zone.
Configure the device to protect the trusted zone against Land attacks and Smurf attacks from the

untrusted zone.

Figure 2 Network diagram for packet inspection configuration

Configuration procedure

# Assign IP addresses to interfaces. (Omitted)
# Enable Land attack detection and Smurf attack detection for the untrusted zone.
From the navigation tree, select Intrusion Detection > Packet Inspection to enter the packet

inspection configuration page. Then, perform the configurations shown in

Figure 3

.