IP Virtual Reassembly

A buffer overflow attack can occur when an attacker continuously sends a large number of incomplete IP fragments, causing the firewall to consume time and memory while trying to reassemble the fake packets. IP virtual reassembly is an interface feature that, when turned on, automatically reassembles fragmented packets coming into the router through that interface. Cisco recommends that you enable ip virtual-reassembly on all interfaces where traffic comes into the router. To enable virtual...
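The resource exhaustion described above is contained by bounding the reassembly state. The following is an added Python sketch, not Cisco's implementation and not code from the original material: the class, function names and limit values (16 concurrent reassemblies, 32 fragments per datagram, 3-second timeout) are assumptions chosen for illustration, and the addresses are constructed documentation-range samples.

```python
# Added illustration; names and limits are assumed values, not a vendor's implementation.
class VirtualReassembler:
    def __init__(self, max_reassemblies=16, max_fragments=32, timeout=3.0):
        self.max_reassemblies = max_reassemblies  # concurrent incomplete datagrams
        self.max_fragments = max_fragments        # fragments allowed per datagram
        self.timeout = timeout                    # seconds a chain may stay incomplete
        self.chains = {}  # key -> {"first": t, "spans": [(start, end)], "total": int|None}

    def accept(self, key, offset, length, more_fragments, now):
        """key = (src, dst, protocol, ip_id); offset and length are in bytes."""
        # Age out chains that never completed, so their state is reclaimed.
        for k in [k for k, c in self.chains.items() if now - c["first"] > self.timeout]:
            del self.chains[k]
        chain = self.chains.get(key)
        if chain is None:
            if len(self.chains) >= self.max_reassemblies:
                return "drop: reassembly table full"
            chain = self.chains[key] = {"first": now, "spans": [], "total": None}
        if len(chain["spans"]) >= self.max_fragments:
            del self.chains[key]
            return "drop: too many fragments"
        chain["spans"].append((offset, offset + length))
        if not more_fragments:
            chain["total"] = offset + length  # last fragment fixes the datagram size
        if chain["total"] is not None and self._covered(chain):
            del self.chains[key]
            return "complete"
        return "pending"

    @staticmethod
    def _covered(chain):
        reached = 0
        for start, end in sorted(chain["spans"]):
            if start > reached:
                return False  # hole: datagram is still incomplete
            reached = max(reached, end)
        return reached >= chain["total"]

def simulate_flood(n_sources=100):
    """Constructed input: n_sources first fragments whose remainder never arrives,
    then one legitimate two-fragment datagram after the timeout has passed."""
    vr = VirtualReassembler()
    verdicts = [vr.accept(("198.51.100.%d" % i, "192.0.2.1", 17, i), 0, 1480, True, now=0.0)
                for i in range(n_sources)]
    peak = len(vr.chains)
    legit = ("203.0.113.5", "192.0.2.1", 17, 7)
    first = vr.accept(legit, 0, 1480, True, now=4.0)
    second = vr.accept(legit, 1480, 520, False, now=4.1)
    return verdicts.count("pending"), peak, first, second
```

With the caps in place, the table never holds more than 16 incomplete chains regardless of how many arrive, and the timeout frees the slots so later legitimate fragments can be reassembled.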

Signature Definition File (SDF)

An SDF contains all or a subset of the signatures supported by Cisco IPS. An IPS loads the signatures contained in the SDF and scans incoming traffic for matching signatures. The IPS enforces the policy defined in the signature action. Cisco IPS uses the SDF to populate internal tables with the information necessary to detect each signature. The SDF can be saved in the router's flash memory. SDFs are downloaded from cisco.com. The SDF...

2007 Cisco Systems, Inc. All rights reserved. SNRS v2.0-5-E