Watchguard Firebox X1000 User Manual page 201


tion. In conjunction with the false identity, the attacker may route the packet so that it appears to originate from a host that the targeted system trusts.

If the destination system performs session authentication based on a connection's IP address, the destination system may allow the packet with the spoofed address through your firewall. The destination system "sees" that the packet apparently originated from a host that is trusted, and therefore doesn't require validation or a password.

When you enable spoofing defense, the Firebox prevents packets with a false identity from passing through to your network. When such a packet attempts to establish a connection, the Firebox generates two log records. One log record shows that the attacker's packet was blocked; the other shows that the attacker's site has been added to the Blocked Sites list, a compilation of all sites blocked by the Firebox.
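The behavior described above can be modeled as an ingress test on the source address. This is an added example, not WatchGuard's code: the interface names, address ranges, and log record text are constructed, and it assumes a packet counts as spoofed when its source address belongs to a network behind a different interface than the one it arrived on.

```python
import ipaddress

# Constructed topology: networks behind each interface; all else is "external".
NETWORKS = {"trusted": ["10.0.1.0/24"], "optional": ["10.0.2.0/24"]}

# Constructed packets: (arrival interface, source IP, destination IP).
SAMPLE_PACKETS = [
    ("trusted", "10.0.1.20", "203.0.113.9"),    # genuine internal host
    ("external", "198.51.100.7", "10.0.1.20"),  # ordinary outside host
    ("external", "10.0.1.20", "10.0.1.30"),     # outside packet claiming a trusted address
]

class SpoofDefense:
    """Toy ingress check: the source address must belong to the arrival interface."""

    def __init__(self, networks):
        self.networks = {
            name: [ipaddress.ip_network(n) for n in nets]
            for name, nets in networks.items()
        }
        self.blocked_sites = set()  # stands in for the Blocked Sites list
        self.log = []               # constructed record format, not the Firebox's

    def home_interface(self, src):
        """Interface whose networks contain src; 'external' if none do."""
        for name, nets in self.networks.items():
            if any(src in net for net in nets):
                return name
        return "external"

    def handle(self, arrival_if, src_ip, dst_ip):
        """Return 'allow' or 'deny' for one packet and log any spoofing denial."""
        home = self.home_interface(ipaddress.ip_address(src_ip))
        if home == arrival_if:
            return "allow"          # normal policy rules would still apply
        # Source claims to live behind a different interface: treat as spoofed.
        self.log.append(f"deny spoofed src={src_ip} dst={dst_ip} "
                        f"in={arrival_if} expected={home}")
        # The claimed source is the only address the packet carries.
        self.blocked_sites.add(src_ip)
        self.log.append(f"blocked-site add {src_ip}")
        return "deny"

def demo():
    """Run the constructed packets; return (verdicts, log, blocked sites)."""
    fw = SpoofDefense(NETWORKS)
    verdicts = [fw.handle(*pkt) for pkt in SAMPLE_PACKETS]
    return verdicts, fw.log, fw.blocked_sites
```

Only the third packet is denied, and it produces the two records the text describes: one for the blocked packet and one for the Blocked Sites addition.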
You can block spoofing attacks using the Default Packet Handling dialog box. From Policy Manager:

1. On the toolbar, click the Default Packet Handling icon, shown at right.
   You can also, from Policy Manager, select Setup => Intrusion Prevention => Default Packet Handling.
   The Default Packet Handling dialog box appears, as shown in the following figure.
2. Select the checkbox marked Block Spoofing Attacks.
User Guide
Default Packet Handling
179
