[
Contents]
[
Prev]
[
Next]
[
Index]
[
Report an Error]
Detecting Packets That Use IP Options for Reconnaissance
Attackers can use the record route, timestamp,
security, and stream ID IP options for reconnaissance or for some
unknown but suspect purpose. To detect packets with these options
set, you can use either J-Web or the CLI configuration editor.
This topic covers:
J-Web Configuration
To configure screen and assign an Internet Protocol (IP) to
it:
- Select CLI Tools>Point and Click CLI.
- Next to Security, click Configure or Edit.
- Next to Screen, click Edit.
- Next to Ids option, click Add new entry.
- In the Name box, type ip-record-route.
- Next to Ip, click Configure.
- Next to Record route option, select the check box and
click OK.
- Next to Ids option, click Add new entry.
- In the Name box, type ip-timestamp-opt.
- Next to Ip, click Edit.
- Next to Timestamp option, select the check box and click OK.
- Next to Ids option, click Add new entry.
- In the Name box, type ip-security-opt.
- Next to Ip, click Edit.
- Next to Security option, select the check box and click OK.
- In the Name box, type ip-stream-opt.
- Next to Ip, click Edit.
- Next to Stream option, select the check box and click OK.
- To save and commit the configuration, click Commit.
To configure zones:
- Select CLI Tools>Point and Click CLI.
- Next to Security, click Configure or Edit.
- Next to Zones, click Configure.
- Next to Security zone, click Add new entry.
- In the Name box, type zone.
- In the Screen box, type ip-record-route-opt and click OK.
- Next to Security zone, click Add new entry.
- In the Name box, type zone.
- In the Screen box, type ip-timestamp-opt and click OK.
- Next to Security zone, click Add new entry.
- In the Name box, type zone.
- In the Screen box, type ip-security-opt and click OK.
- Next to Security zone, click Add new entry.
- In the Name box, type zone.
- In the Screen box, type ip-stream-opt and click OK.
- To save and commit the configuration, click Commit.
CLI Configuration
- user@host# set security screen ids-option
ip-record-route ip record-route-option
- user@host# set security screen ids-option
ip-timestamp-opt ip timestamp-option
- user@host# set security screen ids-option
ip-security-opt ip security-option
- user@host# set security screen ids-option
ip-stream-opt ip stream-option
- user@host# set security zones security-zone
zone screen ip-record-route-opt
- user@host# set security zones security-zone
zone screen ip-timestamp-opt
- user@host# set security zones security-zone
zone screen ip-security-opt
- user@host# set security zones security-zone
zone screen ip-stream-opt
[
Contents]
[
Prev]
[
Next]
[
Index]
[
Report an Error]