Table of Contents
Advertisement
Configuring Intrusion Detection and Prevention Devices Guide
Table 43: TCP Header Match Settings
Setting
Source Port
Destination Port
Sequence Number
ACK Number
Header Length
Window Size
Data Length
Urgent Pointer
URG Bit
ACK Bit
PSH Bit
RST Bit
FIN Bit
R1 Bit, R2 Bit
Table 44: UDP Header Match Settings
Setting
Source Port
Destination Port
Data Length
74
Description
The port number on the attacking device.
The port number of the attack target.
The sequence number of the packet. This number identifies the location of the data in relation to
the entire data sequence.
The ACK number of the packet. This number identifies the next sequence number; the ACK flag
must be set to activate this field.
The number of bytes in the TCP header.
The number of bytes in the TCP window size.
The number of bytes in the data payload. For SYN, ACK, and FIN packets, this field should be empty.
The data in the packet is urgent; the URG flag must be set to activate this field.
When set, the urgent flag indicates that the packet data is urgent.
When set, the acknowledgment flag acknowledges receipt of a packet.
When set, the push flag indicates that the receiver should push all data in the current sequence to
the destination application (identified by the port number) without waiting for the remaining packets
in the sequence.
When set, the reset flag resets the TCP connection, discarding all packets in an existing sequence.
When set, the final flag indicates that the packet transfer is complete and the connection can be
closed.
Reserved bit. Unused.
If you selected UDP for Service Binding and packet or first-data-packet as the Context,
6.
click the Protocols tab, select UDP packet header fields, and configure UDP Header
Match settings as described in Table 44 on page 74.
Description
Enter the port number on the attacking device.
Enter the port number of the attack target.
Enter the number of bytes in the data payload.
Copyright © 2010, Juniper Networks, Inc.
Advertisement
Table of Contents
Troubleshooting
Related Manuals for Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1
Related Products for Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - API GUIDE REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - M-SERIES AND MX-SERIES DEVICES GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.2 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING J SERIES SERVICES ROUTERS AND SRX SERIES SERVICES GATEWAYS GUIDE REV
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - ADMININISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - NSMXPRESS SERIES II REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - M-SERIES AND MX-SERIES DEVICES GUIDE REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.2
- Juniper MEDIA FLOW MANAGER 2.0.2 - ADMINISTRATOR S GUIDE AND CLI
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - CATEGORY OFFENSE INVESTIGATION GUIDE REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - LOG MANAGEMENT ADMINISTRATION GUIDE REV 1
- Juniper MEDIA FLOW CONTROLLER 2.0.5
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - SNMP AGENT GUIDE REV 1