We help IT Professionals succeed at work.

Teardrop attack

xavier_amala
xavier_amala asked
on
Medium Priority
1,855 Views
Last Modified: 2008-01-16
Hey guys

 i have netscreen firewall, i had a teardrop attack in my firewall from a selected ip range, can anyone help me how to block this attack or how to block this iprange from outside interface.. any ideas

Thanks for the help

Suresh
Comment
Watch Question

Top Expert 2006

Commented:
Teardrop should not affect a netscreen firewall as its an IP fragment bug exploit for early linux and Windows systems.

Is it pointed to the firewall itself ? or inside clients/via MIP/VIP ???

If so, a generic policy for some time would be good enough;

set policy id <id> from untrust to trust <Attacker> any any deny log

The above should do it.

Cheers,
Rajesh

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.