1 icmp vulnerability, 2 illegal commands (netbios and smtp), Figure 54 smurf attack – ZyXEL Communications Prestige 2602R Series User Manual

Page 140

Advertising
background image

Prestige 2602R Series User’s Guide

140

Chapter 12 Firewalls

Figure 54 Smurf Attack

12.4.2.1 ICMP Vulnerability

ICMP is an error-reporting protocol that works in concert with IP. The following ICMP types
trigger an alert:

12.4.2.2 Illegal Commands (NetBIOS and SMTP)

The only legal NetBIOS commands are the following - all others are illegal.

All SMTP commands are illegal except for those displayed in the following tables.

Table 39 ICMP Commands That Trigger Alerts

5

REDIRECT

13

TIMESTAMP_REQUEST

14

TIMESTAMP_REPLY

17

ADDRESS_MASK_REQUEST

18

ADDRESS_MASK_REPLY

Table 40 Legal NetBIOS Commands

MESSAGE:

REQUEST:

POSITIVE:

VE:

RETARGET:

KEEPALIVE:

Table 41 Legal SMTP Commands

AUTH

DATA

EHLO

ETRN

EXPN

HELO

HELP

MAIL

NOOP

QUIT

RCPT

RSET

SAML

SEND

SOML

TURN

VRFY

Advertising
See also other documents in the category ZyXEL Communications Hardware: