ip-land-attack
Except on the first page, right running head:
Heading1 or Heading1NewPage text (automatic)
719
Alcatel-Lucent
Beta Beta
OmniAccess 5740 Unified Services Gateway CLI Command Reference Guide
IP-LAND-ATTACK
ip-land-attack
DESCRIPTION
This command is entered in the Firewall-Attack Sub Configuration Mode.
A LAND attack consists of a stream of TCP SYN packets that have the source IP
address and TCP port number set to the same value as the destination address
and port number (i.e., that of the attacked host). This command included in the
default list provides protection to the system from these kind of attacks.
PARAMETERS
None.
EXAMPLE
ALU(config-firewall-attack-A1)# ip-land-attack
IP-SOURCE-ROUTING
ip-source-routing
DESCRIPTION
This command is entered in the Firewall-Attack Sub Configuration Mode.
Source routing is a technique whereby the sender of a packet can specify the
route that a packet should take through the network. Attackers can use source
routing to probe the network by forcing packets into specific parts of the network.
Using source routing, an attacker can collect information about the networks
topology, or other information that could be useful in performing an attack. During
an attack, an attacker could use source routing to direct packets to bypass
existing security restrictions. If the “default” keyword is not used, this attack can
be prevented by including this in the user-defined attack protection list.
PARAMETERS
None.
EXAMPLE
ALU(config-firewall-attack-A1)# ip-source-routing
To Next Page
Loading...
