Filter and Firewall
Left running head:
Chapter name (automatic)
612
Beta
Beta
OmniAccess 700 CLI Command Reference Guide
Alcatel-Lucent
IP
-
SPOOFING
ip-spoofing
D
ESCRIPTION
To gain access, intruders create packets with spoofed source IP addresses. This
exploits applications that use authentication based on IP addresses and leads to
unauthorized user and possibly root access on the targeted system.
Current intruder activity in spoofing source IP addresses can lead to unauthorized
remote root access to the systems behind a filtering-router firewall. After gaining
root access and taking over existing terminal and login connections, intruders can
gain access to remote hosts. This command is not included in the default attack
prevention list, you can explicitly include it to secure the system from this attack.
P
ARAMETERS
None.
E
XAMPLE
ALU(config-firewall-attack-A1)# ip-spoofing
IP
-
TEAR
-
DROP
ip-tear-drop
D
ESCRIPTION
Teardrop attack tool attacks the vulnerability of the TCP/IP IP fragmentation re-
assembly codes which do not properly handle the overlapping IP fragments.
Note:
This attack prevention is not configurable through the CLI, hence should always be
turned ON.
P
ARAMETERS
None.
D
EFAULT
V
ALUE
By default, this attack is turned on.
E
XAMPLE
ALU(config-firewall-attack-A1)# ip-tear-drop