Policy Types - ZyXEL Communications ZyWALL 1100 User Manual

ZyWALL/USG Series

Policy Types

This table describes Policy Types as categorized in the ZyWALL/USG.
Table 183 Policy Types
| POLICY TYPE | DESCRIPTION |
| --- | --- |
| Any | This refers to all IDP attack types. |
| ACL | An access control list (ACL) is a list of permissions that specifies which users or system processes are granted access to objects. ACL attacks target such access traffic. |
| ACL | An Access Control List (ACL) attack occurs when system administrators update the ACL entries, which temporarily creates security holes and traffic disruptions that leave the network vulnerable. The risk increases directly in relation to the speed of the interface where the ACL update occurs. |
| Access Control | Access control refers to procedures and controls that limit or detect access. Access control attacks try to bypass validation checks in order to access network resources such as servers, directories, and files. |
| Any | Any attack includes all other kinds of attacks that are not specified in the policy, such as password, spoof, hijack, phishing, and close-in. |
| Backdoor/Trojan Horse | A backdoor (also called a trapdoor) is hidden software or a hardware mechanism that can be triggered to gain access to a program, online service or an entire computer system. A Trojan horse is a harmful program that is hidden inside apparently harmless programs or data. Although a virus, a worm and a Trojan are different types of attacks, they can be blended into one attack. For example, W32/Blaster and W32/Sasser are blended attacks that feature a combination of a worm and a Trojan. |
| BotNet | A Botnet is a number of Internet computers that have been set up to forward transmissions, including spam or viruses, to other computers on the Internet, though their owners are unaware of it. It is also a collection of Internet-connected programs communicating with other similar programs in order to perform tasks and participate in distributed Denial-of-Service attacks. |
| Buffer Overflow | A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. The excess information can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. Intruders could run code in the overflow buffer region to obtain control of the system, install a backdoor or use the victim to launch attacks on other devices. |
| DoS/DDoS | The goal of Denial of Service (DoS) attacks is not to steal information, but to disable a device or network on the Internet. A Distributed Denial of Service (DDoS) attack is one in which multiple compromised systems attack a single target, thereby causing denial of service for users of the targeted system. |
| File Transfer | File transfer IDP attacks are attacks that target file transfer traffic over a network using protocols such as FTP. |
| File-Transfer | A File-Transfer attack occurs when an unsecured network port allows malware to slip through because it is mistaken for standard FTP traffic. |
| Instant Messenger | IM (Instant Messenger) refers to chat applications. Chat is real-time, text-based communication between two or more users via network-connected computers. After you enter a chat (or chat room), any room member can type a message that will appear on the monitors of all the other participants. |
| Mail | Mail IDP attacks are attacks that target mail traffic over a network using protocols such as SMTP. |
| Misc | This refers to IDP attack types not covered by the other IDP attack type categories. |
Chapter 28 IDP
ZyWALL/USG Series User's Guide