Internet Protocol Options - Watchguard Firebox X1000 Reference Manual
Vpn gateway
Hide thumbs
Also See for Firebox X1000:
- User manual (314 pages) ,
- Quick start manual (38 pages) ,
- Hardware manual (30 pages)
Table of Contents
Advertisement
CHAPTER 1: Internet Protocol Reference
Internet Protocol Options
Internet Protocol options are variable-length additions to the standard IP
header. Unfortunately, enabling IP options can be risky; hackers can use
them to specify a route that helps them gain access to your network.
Because most applications make it very obscure or difficult to use IP
options, they are rarely used.
There are several kinds of IP options:
6
Keyword
Number
SCC-SP
96
ETHERIP
97
ENCAP
98
99
GMTP
100
101-254
255
Security
Control routing of IP packets that carry sensitive data. Security
options are rarely supported.
Stream ID (SID)
The stream ID option is rarely supported.
Source Routing
Both the loose source route option and the strict source route
option enable the source of an Internet packet to provide routing
information. Source routing options can be very dangerous,
because a clever attacker might use them to masquerade as
another site. However, loose source routing and the traceroute
facility can also help debug some obscure routing problems.
Record Route
The record route option was originally intended for use in testing
the Internet. Unfortunately, record route can record only ten IP
Protocol
Semaphore Communications Security
Protocol
Ethernet-within-IP Encapsulation
Encapsulation Header
Any private encryption scheme
GMTP
Unassigned
Reserved
WatchGuard Firebox System
Hide quick links:
Advertisement
Table of Contents
