icmp-ping-of-death
Except on the first page, right running head:
Heading1 or Heading1NewPage text (automatic)
717
Alcatel-Lucent
Beta Beta
OmniAccess 5740 Unified Services Gateway CLI Command Reference Guide
ICMP-PING-OF-DEATH
icmp-ping-of-death [{max-frag-num <1-4294967295> [max-total-
length <1-4294967295>]|max-total-length <1-4294967295>}]
DESCRIPTION
This command is entered in the Firewall-Attack Sub Configuration Mode.
The TCP/IP specification requires a specific packet size for datagram
transmission. Many ping implementations allow you to specify a larger packet size
if desired. A grossly oversized ICMP packet can trigger a range of adverse system
reactions such as denial of service (DoS), crashing, freezing, and rebooting. This
command is also placed in the DoS attack prevention list to secure the system
from this attack.
PARAMETERS
DEFAULT VALUE
• Number of the maximum fragments allowed in one ping packet, default value is 50
• Number of maximum length of the whole ping packet total, default value is 65507
EXAMPLE
ALU(config-firewall-attack-A1)# icmp-ping-of-death max-frag-num
100
ICMP-REDIRECT
icmp-redirect
DESCRIPTION
This command is entered in the Firewall-Attack Sub Configuration Mode. This
command is not a default DoS setting. The above command can be included in
the DoS prevention list to avoid this kind of attacks.
PARAMETERS
None.
EXAMPLE
ALU(config-firewall-attack-A1)# icmp-redirect
Parameter Description
max-frag-num <1-4294967295> Number of the maximum fragments
allowed in one ping packet.
max-total-length <1-
4294967295>
Number of maximum length of the whole
ping packet total.
To Next Page
Loading...
Need help?
General
