Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01 Manual page 125

Table 51: IDP Device Configuration: Protocol Thresholds and Configuration Settings (continued)
Setting Description
VNC Maximum Reason string length–Raises a protocol anomaly if IDP detects a VNC (Virtual Network Computing)
reason string length greater than the specified maximum. A reason string contains the text that describes why
a connection between a VNC server and client failed. The default is 512 bytes.
Maximum Display name length–Raises a protocol anomaly if IDP detects a VNC display name containing
more bytes than the specified maximum. The default is 128 bytes.
Maximum cut text length–Raises a protocol anomaly if IDP detects a VNC cut text buffer containing more
bytes than the specified maximum. The default is 4096 bytes.
Verify message after the initial handshake–Enables the security module to verify VNC connections after the
initial handshake. This setting is not enabled by default.
Maximum number of login failures per-minute–Raises a BRUTE_FORCE protocol anomaly if IDP detects
more login failures than the specified maximum. The default is 4 VNC login failures per minute.
WHOIS Maximum Request length–Raises a protocol anomaly if IDP detects a WHOIS request containing more bytes
than the specified maximum. The default is 128 bytes.
Copyright © 2010, Juniper Networks, Inc.
Chapter 8: Configuring Intrusion Detection and Prevention Device Settings
109