Navigation
Table of Contents
Guide That Contains This Content
[+] Expand All
[-] Collapse All
Related Documentation
- J Series
- IDP Policies Overview
- Understanding IDP Protocol Decoders
- Understanding Custom Attack Objects
- Understanding Predefined IDP Attack Objects and Object Groups
- Example: Configuring IDP Protocol Anomaly-Based Attacks
- SRX Series
- IDP Policies Overview
- Understanding IDP Protocol Decoders
- Understanding Custom Attack Objects
- Understanding Predefined IDP Attack Objects and Object Groups
- Example: Configuring IDP Protocol Anomaly-Based Attacks
- Additional Information
- Junos OS Feature Support Reference for SRX Series and J Series Devices
Understanding IDP Protocol Anomaly-Based Attacks
A protocol anomaly attack object detects unknown or sophisticated attacks that violate protocol specifications (RFCs and common RFC extensions). You cannot create new protocol anomalies, but you can configure a new attack object that controls how your device handles a predefined protocol anomaly when detected.
The following properties are specific to protocol anomaly attacks:
- Attack direction
- Test condition
When configuring protocol anomaly-based attacks, keep the following in mind:
- The service or application binding is a mandatory field for protocol anomaly attacks. Besides the supported applications, services also include IP, TCP, UDP, ICMP, and RPC.
- The attack direction and test condition properties are mandatory fields for configuring anomaly attack definitions.
Related Documentation
- J Series
- IDP Policies Overview
- Understanding IDP Protocol Decoders
- Understanding Custom Attack Objects
- Understanding Predefined IDP Attack Objects and Object Groups
- Example: Configuring IDP Protocol Anomaly-Based Attacks
- SRX Series
- IDP Policies Overview
- Understanding IDP Protocol Decoders
- Understanding Custom Attack Objects
- Understanding Predefined IDP Attack Objects and Object Groups
- Example: Configuring IDP Protocol Anomaly-Based Attacks
- Additional Information
- Junos OS Feature Support Reference for SRX Series and J Series Devices
