IP Fragment Attack

Configure the IP Frag Guard feature with the sysopt security fragguard command on the PIX.

This feature enforces two security checks:

First, each noninitial IP fragment is required to be associated with an already seen valid initial IP fragment.

Second, IP fragments are rated to 100 full IP fragmented packets per second to each internal host.

For information on the IP Frag Guard feature, see the following URL:

www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_61/cmd_ref/s.htm#xtocid22

^ Previous

[LiBI

Was this article helpful?

0 0
The Ultimate Computer Repair Guide

The Ultimate Computer Repair Guide

Read how to maintain and repair any desktop and laptop computer. This Ebook has articles with photos and videos that show detailed step by step pc repair and maintenance procedures. There are many links to online videos that explain how you can build, maintain, speed up, clean, and repair your computer yourself. Put the money that you were going to pay the PC Tech in your own pocket.

Get My Free Ebook


Post a comment