Table of Contents
Advertisement
Network and Security Manager Administration Guide
352
NOTE: The Protocol field does not appear for DI attack objects.
Source—Enter the source IP of the attacking device.
Destination—Enter the destination IP of the attack target.
Reserved Bit—This bit is not used.
More Fragments—When set (1), this option indicates that the packet contains more
fragments. When unset (0), it indicates that no more fragments remain.
Don't Fragment—When set (1), this option indicates that the packet cannot be
fragmented for transmission.
Configuring TCP Header Matches
For attacks that use TCP and a packet context, in the Protocol tab, select TCP Packet
Header Fields from TCP/UDP/ICMP Header Matches menu, then set values for the
following TCP fields and flags:
Source Port—Specify an operand (none, =, !, >, <) and a decimal value for the port
number on the attacking device.
Destination Port—Specify an operand (none, =, !, >, <) and a decimal value for the port
number of the attack target.
Sequence Number—Specify an operand (none, =, !, >, <) and a decimal value for the
sequence number of the packet. This number identifies the location of the data in
relation to the entire data sequence.
ACK Number—Specify an operand (none, =, !, >, <) and a decimal value for the ACK
number of the packet. This number identifies the next sequence number; the ACK flag
must be set to activate this field.
Header Length—Specify an operand (none, =, !, >, <) and a decimal value for the
number of bytes in the TCP header.
Data Length—Specify an operand (none, =, !, >, <) and a decimal value for the number
of bytes in the data payload. For SYN, ACK, and FIN packets, this field should be empty.
Window Size—Specify an operand (none, =, !, >, <) and a decimal value for the number
of bytes in the TCP window size.
Urgent Pointer—Specify an operand (none, =, !, >, <) and a decimal value for the urgent
pointer. The value indicates that the data in the packet is urgent; the URG flag must
be set to activate this field.
URG—When set, the urgent flag indicates that the packet data is urgent.
ACK—When set, the acknowledgment flag acknowledges receipt of a packet.
PSH—When set, the push flag indicates that the receiver should push all data in the
current sequence to the destination application (identified by the port number) without
waiting for the remaining packets in the sequence.
RST—When set, the reset flag resets the TCP connection, discarding all packets in an
existing sequence.
Copyright © 2010, Juniper Networks, Inc.
Advertisement
Table of Contents
Related Manuals for Juniper NETWORK AND SECURITY MANAGER 2010.3 - ADMINISTRATION GUIDE REV1
Related Products for Juniper NETWORK AND SECURITY MANAGER 2010.3 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - API GUIDE REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - M-SERIES AND MX-SERIES DEVICES GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.2 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING J SERIES SERVICES ROUTERS AND SRX SERIES SERVICES GATEWAYS GUIDE REV
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - ADMININISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - NSMXPRESS SERIES II REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - M-SERIES AND MX-SERIES DEVICES GUIDE REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.2
- Juniper MEDIA FLOW MANAGER 2.0.2 - ADMINISTRATOR S GUIDE AND CLI
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - CATEGORY OFFENSE INVESTIGATION GUIDE REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - LOG MANAGEMENT ADMINISTRATION GUIDE REV 1
- Juniper MEDIA FLOW CONTROLLER 2.0.5
- Juniper 200 Series