[
Contents]
[
Prev]
[
Next]
[
Index]
[
Report an Error]
Enabling Protection Against a Teardrop Attack
Teardrop attacks
exploit the reassembly of fragmented IP packets.
You can use either J-Web or the CLI configuration
editor to enable protection against a Teardrop attack. The specified
zone is where the attack originates.
This topic covers:
J-Web Configuration
To configure screens:
- Select Configure>CLI Tools>Point and Click
CLI.
- Next to Security, click Configure or Edit.
- Next to Screen, click Configure.
- Next to Ids option, click Add new entry.
- In the Name box, type tear-drop.
- Next to Ip, click Configure.
- Next to Tear drop, select the check box and click OK.
- To save and commit the configuration, click Commit.
To configure zones:
- Select Configure>CLI Tools>Point and Click
CLI.
- Next to Security, click Configure or Edit.
- Next to Zones, click Configure.
- Next to Security zone, click Add new entry.
- In the Name box, type zone.
- In the Screen box, type tear-drop and click OK.
- To save and commit the configuration, click Commit.
CLI Configuration
- user@host# set security screen ids-option
tear-drop ip tear-drop
- user@host# set security zones security-zone
zone screen tear-drop
Related Topics
[
Contents]
[
Prev]
[
Next]
[
Index]
[
Report an Error]