TMS zl Management and Configuration Guide ST.1.1.100430

Attack Checking
The TMS zl Module automatically detects and blocks specific known
attacks. It monitors TCP handshakes and drops packets with flags that signal
known attacks.
The TMS zl Module firewall checks for these attacks by default:
- IP spoofing
- Ping of death
- Land attacks
- IP reassembly attacks
Note: You cannot prevent the firewall from dropping packets that display the signs
of these attacks.
Additionally, you can enable and disable certain optional checks, including
those for the following attacks:
- ICMP replay
- ICMP error messages
- SYN flooding
- Source routing
- WinNuke
- Sequence number prediction
- Sequence number out of range
- Pre-connection ACK
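As an added illustration (not ProCurve code, and not a description of how the TMS zl Module implements its checks), the following Python example applies the commonly published header signatures for four of the checks listed above: ping of death, land, source routing and WinNuke. The function names, check labels and sample packet builders are assumptions made for this example.

```python
import socket
import struct

LSRR, SSRR = 131, 137   # IPv4 loose/strict source-route option types
MAX_DATAGRAM = 65535    # largest legal reassembled IPv4 datagram

def ipv4(src, dst, proto, payload=b"", frag_units=0, options=b""):
    """Build a constructed sample IPv4 packet (checksum left at 0)."""
    ihl = 5 + len(options) // 4
    return struct.pack("!BBHHHBBH4s4s", 0x40 | ihl, 0, ihl * 4 + len(payload),
                       0, frag_units, 64, proto, 0, socket.inet_aton(src),
                       socket.inet_aton(dst)) + options + payload

def tcp(sport, dport, flags, urg=0):
    """Build a constructed 20-byte TCP header with the given flag bits."""
    return struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 0x50, flags, 8192, 0, urg)

def check_packet(pkt):
    """Return the names of the header checks that this packet trips."""
    hits = []
    vihl, _, total, _, frag, _, proto, _, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", pkt[:20])
    hlen = (vihl & 0x0F) * 4
    end = min(hlen, len(pkt))                # never read past the buffer
    # Ping of death and similar: this fragment would end past 65535 bytes.
    if (frag & 0x1FFF) * 8 + (total - hlen) > MAX_DATAGRAM:
        hits.append("oversize-fragment")
    # Source routing: walk the IPv4 options looking for LSRR or SSRR.
    i = 20
    while i < end and pkt[i] != 0:           # 0 = end of option list
        if pkt[i] == 1:                      # 1 = single-byte no-op
            i += 1
            continue
        if pkt[i] in (LSRR, SSRR):
            hits.append("source-routing")
        if i + 1 >= end or pkt[i + 1] < 2:   # malformed length: stop walking
            break
        i += pkt[i + 1]
    if proto == 6 and len(pkt) >= hlen + 20:
        sport, dport = struct.unpack("!HH", pkt[hlen:hlen + 4])
        # Land attack: source and destination address and port are identical.
        if src == dst and sport == dport:
            hits.append("land")
        # WinNuke: TCP urgent (URG, 0x20) data aimed at NetBIOS port 139.
        if dport == 139 and pkt[hlen + 13] & 0x20:
            hits.append("winnuke")
    return hits
```

The stateful checks in the list (SYN flooding, sequence number checks, pre-connection ACK) need per-connection tracking and are outside what a single-packet header test like this can show.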
ProCurve periodically updates the TMS zl Module software to check for and
block new attacks. For more information about downloading new software
and upgrading it on your TMS zl Module, see “Update the Module Software”
on page 2-99 or “Update the Module Software” in Chapter 3: “Initial Setup in
Monitor Mode.”
Refer to the sections below:
- Read “Attack Check Descriptions” on page 4-105 for detailed information about each attack check.
- See “Enable and Disable Optional Attack Checks” on page 4-111 for instructions on enabling and disabling the attack checks.