Manualshelf

R3721-F3210-F3171-HP High-End Firewalls Attack Protection Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
61626364656667686970
57
NOTE:
FTP command words refer to the command words carried in the FTP requests, including RETR, STOR,
A
PPE, USER, PASS, PORT, PASV, RNFR, RNTO, DELE, LIST, and QUIT, rather than the command words
typed in the command line. For example, to upload a file named 123.txt, you type command put 123.txt.
In this case, the FTP command word to be filtered is not put but STOR.
Upload filename filtering—Filters filenames carried in FTP upload requests, preventing clients from
uploading files with the specified names to the server.
Download filename filtering—Filters filenames carried in FTP download requests, preventing clients
from downloading files with the specified names from the server.
Telnet packet content filtering
Telnet packet content filtering, hereafter referred to as Telnet filtering, filters command words in Telnet
requests, preventing Telnet users from executing specific commands that will greatly impact the normal
operation of the firewall, such as format and reboot.
NOTE:
Telnet command filtering supports the following characters:
Visible characters—ASCII codes 0x20 to 0x7e.
Special characters—ASCII codes 0x0, 0x8, 0x0d, 0x0d00, and 0x0d0a.
Others—Cursor Left (0x1b5b44) and Cursor Right (0x1b5b43).
Configuring content filtering
Configuration guide
To configure content filtering:
1. Configure filtering entries and filtering keywords
You can configure various filtering entries and filtering keywords as needed.
Table 18 Filtering entries and filtering keywords configuration task list
Task Descri
p
tion
Configuring keyword filtering
entries
Keyword filtering entries include:
HTTP keyword filtering entries—For header filtering and body filtering in
HTTP filtering policies.
SMTP keyword filtering entries—For subject filtering, body filtering, and
attachment content filtering in SMTP filtering policies.
POP3 keyword filtering entriesFor subject filtering, body filtering, and
attachment content filtering in POP3 filtering policies.
FTP keyword filtering entries—For command word filtering in FTP filtering
polices.
Telnet keyword filtering entries—For command word filtering in Telnet
filtering policies.
By default, no keyword filtering entries exist.