P-660H/HW-D Series User's Guide
Figure 84 Smurf Attack
9.4.2.1 ICMP Vulnerability
ICMP is an error-reporting protocol that works in concert with IP. The following ICMP types
trigger an alert:
Table 53 ICMP Commands That Trigger Alerts
5
13
14
17
18
9.4.2.2 Illegal Commands (NetBIOS and SMTP)
The only legal NetBIOS commands are the following - all others are illegal.
Table 54 Legal NetBIOS Commands
MESSAGE:
REQUEST:
POSITIVE:
VE:
RETARGET:
KEEPALIVE:
All SMTP commands are illegal except for those displayed in the following tables.
Table 55
AUTH
DATA
QUIT
RCPT
149
REDIRECT
TIMESTAMP_REQUEST
TIMESTAMP_REPLY
ADDRESS_MASK_REQUEST
ADDRESS_MASK_REPLY
Legal SMTP Commands
EHLO
ETRN
RSET
SAML
EXPN
HELO
HELP
SEND
SOML
TURN
MAIL
NOOP
VRFY
Chapter 9 Firewalls