Manualshelf

HP TMS zl Module Security Administrator's Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
121122123124125126127128129130
2-44
Managing TMS zl Firewalls
Configuring Firewalls
9. If you selected Attack Settings, define the types of possible threats you
want to monitor and block, which provides an additional level of security
Figure 2-32. Firewall Access Properties Wizard, Attack Settings
Click Next when all desired threat types are selected.
ICMP Replay An ICMP replay attack impersonates an end or intermediate device and
repeatedly replays the error message. The TCP protocol includes fault-
recovery responses for ICMP messages. Offenders can send ICMP
messages to several ports and use these responses to map out open and
closed ports. The attacker can then use this port map to launch many
types of attacks
And, replaying the message causes the transfer protocol to perpetually
try to correct the error, which results in a denial of service.
ICMP Error
Messages
An intruder sends forged ICMP error messages such as Destination
Unreachable, Source Quench, or Small PMTU, which can disrupt the TCP
connection, slow throughput, or overload a server.