Filter and Firewall
Left running head:
Chapter name (automatic)
720
Beta Beta
OmniAccess 5740 Unified Services Gateway CLI Command Reference Guide
Alcatel-Lucent
IP-SPOOFING
ip-spoofing
DESCRIPTION
This command is entered in the Firewall-Attack Sub Configuration Mode.
To gain access, intruders create packets with spoofed source IP addresses. This
exploits applications that use authentication based on IP addresses and leads to
unauthorized user and possibly root access on the targeted system.
Current intruder activity in spoofing source IP addresses can lead to unauthorized
remote root access to the systems behind a filtering-router firewall. After gaining
root access and taking over existing terminal and login connections, intruders can
gain access to remote hosts. This command is not included in the default attack
prevention list, you can explicitly include it to secure the system from this attack.
PARAMETERS
None.
EXAMPLE
ALU(config-firewall-attack-A1)# ip-spoofing
IP-TEAR-DROP
ip-tear-drop
DESCRIPTION
This command is entered in the Firewall-Attack Sub Configuration Mode.
Teardrop attack tool attacks the vulnerability of the TCP/IP IP fragmentation re-
assembly codes which do not properly handle the overlapping IP fragments.
PARAMETERS
None.
DEFAULT VALUE
By default, this attack is turned on.
EXAMPLE
ALU(config-firewall-attack-A1)# ip-tear-drop
To Next Page
Loading...
Need help?
General
