ZyXEL Communications ZyWall ATP series User Manual page 549


30.3.2.1 Understand the Vulnerability
Check the Zyxel Device logs when the attack occurs. Use web sites such as Google or Security Focus to
get as much information about the attack as you can. The more specific your signature, the less chance
it will cause false positives.
As an example, say you want to check whether your router is being overloaded with DNS queries, so you
create a signature to detect DNS query traffic.

30.3.2.2 Analyze Packets
Use the packet capture screen and a packet analyzer (also known as a network or protocol analyzer)
such as Wireshark or Ethereal to investigate further.
Figure 358 DNS Query Packet Details
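
The analysis step above, as an added example that is not from the Zyxel manual: a short Python decoder for a DNS message, plus a check for the header fields that separate a query from a response. The field layout follows RFC 1035; the function names, the sample packets and the chosen match condition are assumptions for illustration and are not Zyxel signature syntax.

```python
import struct

def build_query(name, txid=0x1A2B):
    """Build a DNS A-record query payload (constructed sample, not a capture)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, QDCOUNT=1
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def parse_dns(payload):
    """Decode the 12-byte header and the first question of a DNS message."""
    if len(payload) < 12:
        raise ValueError("shorter than the DNS header")
    txid, flags, qdcount, ancount, _, _ = struct.unpack("!HHHHHH", payload[:12])
    if qdcount < 1:
        raise ValueError("no question section")
    labels, pos = [], 12
    while True:
        if pos >= len(payload):
            raise ValueError("truncated QNAME")
        length = payload[pos]
        pos += 1
        if length == 0:  # zero-length label ends the name
            break
        if length > 63 or pos + length > len(payload):
            raise ValueError("invalid or truncated label")
        labels.append(payload[pos:pos + length].decode("ascii", "replace"))
        pos += length
    if pos + 4 > len(payload):
        raise ValueError("truncated question")
    qtype, qclass = struct.unpack("!HH", payload[pos:pos + 4])
    return {"id": txid, "qr": flags >> 15, "opcode": (flags >> 11) & 0xF,
            "qdcount": qdcount, "ancount": ancount,
            "qname": ".".join(labels), "qtype": qtype, "qclass": qclass}

def is_dns_query(dst_port, payload):
    """Assumed match condition: UDP port 53, QR=0, standard opcode, no answers."""
    try:
        msg = parse_dns(payload)
    except ValueError:
        return False
    return (dst_port == 53 and msg["qr"] == 0 and msg["opcode"] == 0
            and msg["ancount"] == 0)

SAMPLE_QUERY = build_query("example.com")
# Same bytes with the flags word of a typical response (QR=1, RD=1, RA=1).
SAMPLE_RESPONSE = SAMPLE_QUERY[:2] + struct.pack("!H", 0x8180) + SAMPLE_QUERY[4:]

if __name__ == "__main__":
    print(parse_dns(SAMPLE_QUERY))
    print(is_dns_query(53, SAMPLE_QUERY), is_dns_query(53, SAMPLE_RESPONSE))
```

Tightening the condition further, for example on a specific QNAME or QTYPE, is how the signature becomes more specific and less prone to false positives.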
Chapter 30 IDP
ZyWALL ATP Series User's Guide
549


This manual is also suitable for:

ATP500, ATP200, ATP800
