Manualshelf

TMS zl Management and Configuration Guide ST.1.1.100226

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
71727374757677787980
1-38
Overview
IDS/IPS
By default, the TMS zl Module provides protocol-anomaly detection for the
following applications:
HTTP
Check for URL decoding in the URL request
Check for directory traversal beyond the root directory
Check for NULL method
Check for evasion techniques
Check for the length of the URL request (user-configurable)
Check for a number of lines per header that exceeds the maximum
limit (user-configurable)
Check for a MIME header size that exceeds the maximum limit (user-
configurable)
Check for the number of MIME headers
Check for the MIME header line length
SMTP
Ensure that the command line does not exceed 512 bytes
Check the recursive boundary depth in SMTP data
Check for a header length that exceeds the maximum limit (user-
configurable)
FTP
Ensure that the command line does not exceed 512 bytes
IMAP
Check for malformed requests (the command line lacks the proper
tag, command, and so forth)
POP3
Ensure that the command line does not exceed 512 bytes
DNS
Check for a DNS reply without a valid request
Check for unknown DNS operation flags
Check for a domain name greater than 255 bytes
Check for a label size greater than 63 bytes
Check for an invalid DNS label offset
Check the resource record (RR) count and match it with the number
in the RR record
Ensure that a label reference is with the message