[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

Enabling Protection Against a Teardrop Attack

Teardrop attacks exploit the reassembly of fragmented IP packets.

Before You Begin

For background information, read Understanding Teardrop Attacks.

You can use either J-Web or the CLI configuration editor to enable protection against a Teardrop attack. The specified zone is where the attack originates.

This topic covers:

J-Web Configuration

To configure screens:

  1. Select Configure>CLI Tools>Point and Click CLI.
  2. Next to Security, click Configure or Edit.
  3. Next to Screen, click Configure.
  4. Next to Ids option, click Add new entry.
  5. In the Name box, type tear-drop.
  6. Next to Ip, click Configure.
  7. Next to Tear drop, select the check box and click OK.
  8. To save and commit the configuration, click Commit.

To configure zones:

  1. Select Configure>CLI Tools>Point and Click CLI.
  2. Next to Security, click Configure or Edit.
  3. Next to Zones, click Configure.
  4. Next to Security zone, click Add new entry.
  5. In the Name box, type zone.
  6. In the Screen box, type tear-drop and click OK.
  7. To save and commit the configuration, click Commit.

CLI Configuration

user@host# set security screen ids-option tear-drop ip tear-drop
user@host# set security zones security-zone zone screen tear-drop

Related Topics

[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]