Using the Web Browser Interface for Advanced Configuration Tasks
Configuring the ProCurve Secure Router OS Firewall
14-22
Table 14-1. Packets Automatically Dropped by the Secure Router OS Firewall
Packet
larger than the IP max (65,535 bytes)
fragmented packets with errors when
reconstructed
ping response that is not part of an active
session
source address to which the router does not
know a route
all ICMP packets except:
• echo
• echo-reply
• ttl expired
• destination unreachable
• quench
falsified IP header (the length bit does not
match the actual length)
UDP echo packets
source address equals the destination
address
broadcast address for the source address
TCP SYN packets with one or more of these
flags:
• ACK
• URG
• RST
• FIN
invalid TCP sequence number
source route option is enabled
Associated Attack
Ping of death
• Syndrop
• Targea
• Nestea
• Newtear
• TearDrop
• Open-Tear
• Bonk
• Boink
Smurf attack
IP spoofing
Twinge
• Jolt
• Jolt2
• Chargen
• Fraggle
Land attack
—
—
—
—
Need help?
Do you have a question about the ProCurve Secure Router 7203 dl and is the answer not in the manual?
Questions and answers