Home » ZyXEL Manuals » Networking » ZyXEL ZyWALL 2 Plus » Manual Viewer

ZyXEL ZyWALL 2 Plus User Guide - Page 437

Table 145, Table 144

Get ZyXEL ZyWALL 2 Plus PDF manuals and user guides

View all ZyXEL ZyWALL 2 Plus manuals

Add to My Manuals
Save this manual to your list of manuals

Page 437 highlights

Chapter 25 Logs Screens Table 144 Attack Logs (continued) LOG MESSAGE DESCRIPTION teardrop UDP The firewall detected an UDP teardrop attack. teardrop ICMP (type:%d, code:%d) The firewall detected an ICMP teardrop attack. illegal command TCP The firewall detected a TCP illegal command attack. NetBIOS TCP The firewall detected a TCP NetBIOS attack. ip spoofing - no routing entry [ TCP | UDP | IGMP | ESP | GRE | OSPF ] The firewall classified a packet with no source routing entry as an IP spoofing attack. ip spoofing - no routing entry ICMP (type:%d, code:%d) The firewall classified an ICMP packet with no source routing entry as an IP spoofing attack. vulnerability ICMP (type:%d, code:%d) The firewall detected an ICMP vulnerability attack. traceroute ICMP (type:%d, The firewall detected an ICMP traceroute attack. code:%d) ports scan UDP The firewall detected a UDP port scan attack. Firewall sent TCP packet in response to DoS attack TCP The firewall sent TCP packet in response to a DoS attack ICMP Source Quench ICMP The firewall detected an ICMP Source Quench attack. ICMP Time Exceed ICMP The firewall detected an ICMP Time Exceed attack. ICMP Destination Unreachable ICMP The firewall detected an ICMP Destination Unreachable attack. ping of death. ICMP The firewall detected an ICMP ping of death attack. smurf ICMP The firewall detected an ICMP smurf attack. IP address in FTP port command is different from the client IP address. It maybe a bounce attack. The IP address in an FTP port command is different from the client IP address. It may be a bounce attack. Fragment packet size is smaller than the MTU size of output interface. The fragment packet size is smaller than the MTU size of output interface. Table 145 Remote Management Logs LOG MESSAGE Remote Management: FTP denied Remote Management: TELNET denied Remote Management: HTTP or UPnP denied Remote Management: WWW denied DESCRIPTION Attempted use of FTP service was blocked according to remote management settings. Attempted use of TELNET service was blocked according to remote management settings. Attempted use of HTTP or UPnP service was blocked according to remote management settings. Attempted use of WWW service was blocked according to remote management settings. ZyWALL 2 Plus User's Guide 437

Section	Page
User’s Guide	1
About This User's Guide	3
Document Conventions	4
Safety Warnings	6
Contents Overview	7
Table of Contents	9
List of Figures	25
List of Tables	37
Introduction and Registration	43
Getting to Know Your ZyWALL	45
1.1 ZyWALL Internet Security Appliance Overview	45
1.2 Applications for the ZyWALL	45
1.2.1 Secure Broadband Internet Access via Cable or DSL Modem	45
1.2.2 VPN Application	46
1.3 Ways to Manage the ZyWALL	46
1.4 Good Habits for Managing the ZyWALL	47
1.5 LEDs	47
Introducing the Web Configurator	49
2.1 Web Configurator Overview	49
2.2 Accessing the ZyWALL Web Configurator	49
2.3 Resetting the ZyWALL	51
2.3.1 Procedure To Use The Reset Button	51
2.3.2 Uploading a Configuration File Via Console Port	51
2.4 Navigating the ZyWALL Web Configurator	52
2.4.1 Title Bar	52
2.4.2 Main Window	52
2.4.3 HOME Screen: Router Mode	53
2.4.4 HOME Screen: Bridge Mode	55
2.4.5 Navigation Panel	58
2.4.6 Port Statistics	62
2.4.7 DHCP Table Screen	63
2.4.8 VPN Status	64
2.4.9 Bandwidth Monitor	65
Wizard Setup	67
3.1 Wizard Setup Overview	67
3.2 Internet Access	68
3.2.1 ISP Parameters	68
3.2.1.1 Ethernet	68
3.2.1.2 PPPoE Encapsulation	69
3.2.1.3 PPTP Encapsulation	71
3.2.2 Internet Access Wizard: Second Screen	73
3.2.3 Internet Access Wizard Setup Complete	73
3.2.4 Internet Access Wizard: Registration	74
3.2.5 Internet Access Wizard: Status	76
3.2.6 Internet Access Wizard: Service Activation	77
3.3 VPN Wizard Gateway Setting	77
3.4 VPN Wizard Network Setting	78
3.5 VPN Wizard IKE Tunnel Setting (IKE Phase 1)	80
3.6 VPN Wizard IPSec Setting (IKE Phase 2)	81
3.7 VPN Wizard Status Summary	83
3.8 VPN Wizard Setup Complete	85
Tutorials	87
4.1 Security Settings for VPN Traffic	87
4.1.1 Firewall Rule for VPN Example	87
4.1.2 Configuring the VPN Rule	88
4.1.3 Configuring the Firewall Rules	91
4.1.3.1 Firewall Rule to Allow Access Example	91
4.1.3.2 Default Firewall Rule to Block Other Access Example	94
4.2 Using NAT with Multiple Public IP Addresses	95
4.2.1 Example Parameters and Scenario	95
4.2.2 Configuring the WAN Connection with a Static IP Address	96
4.2.3 Public IP Address Mapping	99
4.2.4 Forwarding Traffic from the WAN to a Local Computer	103
4.2.5 Allow WAN-to-LAN Traffic through the Firewall	105
4.2.6 Testing the Connections	112
4.3 Using NAT with Multiple Game Players	112
4.4 How to Manage the ZyWALL’s Bandwidth	113
4.4.1 Example Parameters and Scenario	113
4.4.2 Configuring Bandwidth Management Rules	114
4.5 Configuring Content Filtering	118
4.5.1 Enable Content Filtering	118
4.5.2 Block Categories of Web Content	119
4.5.3 Assign Bob’s Computer a Specific IP Address	121
4.5.4 Create a Content Filter Policy for Bob	121
4.5.5 Set the Content Filter Schedule	122
4.5.6 Block Categories of Web Content for Bob	123
Registration Screens	125
5.1 Overview	125
5.1.1 What You Can Do in the Registration Screens	125
5.1.2 What You Need to Know About Registration	125
5.2 The Registration Screen	126
5.3 The Service Screen	128
Network	129
LAN Screens	131
6.1 Overview	131
6.1.1 What You Can Do in The LAN Screens	131
6.1.2 What You Need to Know About LAN	132
6.2 The LAN Screen	134
6.3 The Static DHCP Screen	137
6.4 The LAN IP Alias Screen	139
6.5 The LAN Port Roles Screen	140
Bridge Screens	143
7.1 Overview	143
7.1.1 What You Can Do in the Bridge Screens	143
7.1.2 What You Need To Know About Bridging	144
7.2 The Bridge Screen	145
7.3 The Bridge Port Roles Screen	147
7.4 Bridge Technical Reference	148
WAN Screens	151
8.1 Overview	151
8.1.1 What You Can Do in the WAN Screens	151
8.1.2 What You Need To Know About WAN	151
8.2 The WAN Route Screen	152
8.3 The WAN Screen	153
8.3.1 Configuring Ethernet Encapsulation	155
8.3.2 Configuring PPPoE Encapsulation	158
8.3.3 Configuring PPTP Encapsulation	160
8.4 The Traffic Redirect Screen	163
8.5 Configuring Traffic Redirect	164
8.6 The Dial Backup Screen	165
8.6.1 Advanced Modem Setup	168
DMZ Screens	171
9.1 Overview	171
9.1.1 What You Can Do in the DMZ Screens	171
9.1.2 What You Need To Know About DMZ	172
9.1.3 DMZ Public IP Address Example	172
9.1.4 DMZ Private and Public IP Address Example	173
9.2 The DMZ Screen	174
9.3 The Static DHCP Screen	177
9.4 The IP Alias Screen	179
9.5 The DMZ Port Roles Screen	181
Wireless LAN Screens	183
10.1 Overview	183
10.1.1 What You Need to Know About Wireless LAN	184
10.2 The WLAN Screen	184
10.3 The Static DHCP Screen	187
10.4 The IP Alias Screen	189
10.5 The Port Roles Screen	190
Security	193
Firewall Screens	195
11.1 Overview	195
11.1.1 What You Can Do in the Firewall Screens	196
11.1.2 What You Need To Know About The ZyWALL Firewall	196
11.1.3 Before You Begin	196
11.2 Firewall Rules Examples	196
11.3 The Firewall Default Rule Screen (Router Mode)	198
11.4 The Firewall Default Rule Screen (Bridge Mode)	200
11.5 The Firewall Rule Summary Screen	202
11.5.1 The Firewall Edit Rule Screen	204
11.6 The Anti-Probing Screen	207
11.7 The Threshold Screen	208
11.8 The Service Screen	210
11.8.1 The Firewall Edit Custom Service Screen	211
11.8.2 My Service Firewall Rule Example	212
11.9 Firewall Technical Reference	215
Content Filtering Screens	223
12.1 Overview	223
12.1.1 What You Can Do in the Content Filtering Screens	223
12.1.2 What You Need to Know About Content Filtering	223
12.2 The General Screen	224
12.3 The Policy Screen	227
12.3.1 The Edit Policy Screen	229
12.3.2 The Edit Policy Screen: External Database	230
12.3.3 The Edit Policy Screen: Customization	237
12.3.4 The Edit Policy Screen: Schedule	239
12.4 The Object Screen	240
12.5 The Cache Screen	243
Content Filtering Reports	245
13.1 Checking Content Filtering Activation	245
13.2 Viewing Content Filtering Reports	245
13.3 Web Site Submission	250
IPSec VPN Screens	253
14.1 Overview	253
14.1.1 What You Can Do in the IPSec VPN Screens	253
14.1.2 What You Need to Know About IPSec VPN	254
14.2 The VPN Rules (IKE) Screen	256
14.2.1 The VPN Rules (IKE) Gateway Policy Edit Screen	257
14.2.2 The VPN Rules (IKE) Network Policy Edit Screen	263
14.2.3 The Network Policy Port Forwarding Screen	268
14.2.4 The Network Policy Move Screen	270
14.3 The VPN Rules (Manual) Screen	271
14.3.1 The VPN Rules (Manual) Edit Screen	272
14.4 The SA Monitor Screen	275
14.5 The Global Setting Screen	275
14.5.1 Configuring the Global Setting Screen	277
14.6 Telecommuter VPN/IPSec Examples	278
14.6.1 Telecommuters Sharing One VPN Rule Example	279
14.6.2 Telecommuters Using Unique VPN Rules Example	279
14.7 VPN and Remote Management	281
14.8 Hub-and-spoke VPN	281
14.8.1 Hub-and-spoke VPN Example	282
14.8.2 Hub-and-spoke Example VPN Rule Addresses	283
14.8.3 Hub-and-spoke VPN Requirements and Suggestions	283
14.9 IPSec VPN Technical Reference	283
Certificates Screen	295
15.1 Overview	295
15.1.1 What You Can Do in the Certificate Screens	295
15.1.2 What You Need to Know About Certificates	295
15.2 The My Certificates Screen	297
15.2.1 The My Certificate Details Screen	299
15.3 The My Certificate Export Screen	302
15.4 The My Certificate Import Screen	303
15.5 The My Certificate Create Screen	305
15.6 The Trusted CAs Screen	309
15.7 The Trusted CA Details Screen	311
15.8 The Trusted CA Import Screen	313
15.9 The Trusted Remote Hosts Screen	314
15.10 The Trusted Remote Hosts Details Screen	315
15.11 The Trusted Remote Hosts Import Screen	318
15.12 The Directory Servers Screen	319
15.13 The Directory Server Add or Edit Screen	320
Authentication Server Screens	323
16.1 Overview	323
16.1.1 What You Can Do in the Authentication Server Screens	323
16.1.2 What You Need To Know About Authentication Server	323
16.2 The Local User Database Screen	324
16.3 The RADIUS Screen	326
Advanced	329
Network Address Translation (NAT) Screens	331
17.1 Overview	331
17.1.1 What You Can Do in the NAT Screens	331
17.1.2 What You Need To Know About NAT	331
17.1.3 Before You Begin	332
17.2 The NAT Overview Screen	332
17.3 The Address Mapping Screen	334
17.3.1 The Address Mapping Edit Screen	335
17.4 The Port Forwarding Screen	336
17.4.1 Configuring Servers Behind Port Forwarding (Example)	337
17.4.2 Configuring the Port Forwarding Screen	338
17.5 The Port Triggering Screen	340
17.6 NAT Technical Reference	341
Static Route Screens	347
18.1 Overview	347
18.1.1 What You Can Do in the Static Route Screens	347
18.2 The IP Static Route Screen	348
18.2.1 The IP Static Route Edit Screen	349
Bandwidth Management Screens	351
19.1 Overview	351
19.1.1 What You Can Do in the Bandwidth Management Screens	351
19.1.2 What You Need to Know About Bandwidth Management	352
19.2 Bandwidth Management Examples	353
19.2.1 Application and Subnet-based Bandwidth Management Example	353
19.2.2 Maximize Bandwidth Usage With Bandwidth Borrowing Example	354
19.2.3 Over Allotment of Bandwidth	354
19.3 The Summary Screen	354
19.3.1 Maximize Bandwidth Usage Example	356
19.3.1.1 Priority-based Allotment of Unused and Unbudgeted Bandwidth	356
19.3.1.2 Fairness-based Allotment of Unused and Unbudgeted Bandwidth	357
19.3.2 Reserving Bandwidth for Non-Bandwidth Class Traffic	357
19.4 The Class Setup	357
19.4.1 Bandwidth Manager Class Configuration	359
19.4.2 Bandwidth Borrowing Example	362
19.4.3 The Bandwidth Management Statistics Screen	362
19.5 The Bandwidth Manager Monitor Screen	363
DNS Screens	365
20.1 Overview	365
20.1.1 What You Can Do in the DNS Screens	365
20.1.2 What You Need To Know About DNS	365
20.2 The System Screen	367
20.2.1 The Add Address Record Screen	369
20.2.2 The Insert a Name Server Record Screen	370
20.3 The DNS Cache Screen	371
20.4 The DHCP Screen	372
20.5 The DDNS Screen	373
Remote Management Screens	377
21.1 Overview	377
21.1.1 What You Can Do in the Remote Management Screens	377
21.1.2 What You Need To Know About Remote Management	378
21.2 Remote Management Examples	379
21.2.1 HTTPS Example	379
21.2.1.1 Internet Explorer Warning Messages	379
21.2.1.2 Netscape Navigator Warning Messages	379
21.2.1.3 Avoiding the Browser Warning Messages	380
21.2.1.4 Login Screen	381
21.2.2 Secure Telnet Using SSH Examples	383
21.2.2.1 Example 1: Microsoft Windows	383
21.2.2.2 Example 2: Linux	383
21.2.3 Secure FTP Using SSH Example	384
21.3 The WWW Screen	385
21.3.1 Configuring the WWW Screen	386
21.4 The SSH Screen	387
21.4.1 Configuring the SSH Screen	388
21.5 The Telnet Screen	388
21.6 The FTP Screen	389
21.7 The SNMP Screen	390
21.7.1 Supported MIBs	391
21.7.2 SNMP Traps	392
21.7.3 Configuring the SNMP Screen	392
21.8 The DNS Screen	393
21.9 The CNM Screen	394
21.9.1 Additional Configuration for Vantage CNM	395
21.10 Remote Management Technical Reference	396
UPnP Screens	397
22.1 Overview	397
22.1.1 What You Can Do in the UPnP Screens	397
22.1.2 What You Need To Know About UPnP	397
22.2 UPnP Examples	398
22.2.1 Installing UPnP in Windows Example	398
22.2.1.1 Installing UPnP in Windows Me	399
22.2.1.2 Installing UPnP in Windows XP	400
22.2.2 Using UPnP in Windows XP Example	400
22.2.2.1 Auto-discover Your UPnP-enabled Network Device	401
22.2.2.2 Web Configurator Easy Access	402
22.3 The UPnP Screen	404
22.4 The Ports Screen	405
Custom Application Screen	407
23.1 Overview	407
23.1.1 What You Need to Know About Custom Application	407
23.2 The Custom Application Screen	407
ALG Screen	409
24.1 Overview	409
24.1.1 What You Need to Know About ALG	409
24.2 ALG Screen	412
Logs and Maintenance	415
Logs Screens	417
25.1 Overview	417
25.1.1 What You Can Do in the Log Screens	417
25.1.2 What You Need To Know About Logs	417
25.2 The View Log Screen	417
25.3 Log Description Example	419
25.3.1 About the Certificate Not Trusted Log	419
25.4 The Log Settings Screen	420
25.5 The Traffic Statistics Screen	424
25.5.1 Viewing Web Site Hits	425
25.5.2 Viewing Host IP Address	426
25.5.3 Viewing Protocol/Port	427
25.5.4 System Reports Specifications	429
25.6 The E-mail Report Screen	429
25.7 Logs Technical Reference	431
Maintenance Screens	447
26.1 Overview	447
26.1.1 What You Can Do in the Maintenance Screens	447
26.2 The General Setup Screen	447
26.3 The Password Screen	448
26.4 The Time and Date Screen	449
26.4.1 Time Server Synchronization Example	452
26.5 The Device Mode Screen	453
26.5.1 The Device Mode Screen (Router)	453
26.5.2 The Device Mode Screen (Bridge)	454
26.6 The F/W Upload Screen	457
26.7 The Backup and Restore Screen	458
26.7.1 Backup Configuration	459
26.7.2 Restore Configuration	459
26.7.3 Back to Factory Defaults	461
26.8 The Restart Screen	461
26.9 The Diagnostics Screen	461
SMT	465
Introducing the SMT	467
27.1 Introduction to the SMT	467
27.2 Accessing the SMT via the Console Port	467
27.2.1 Initial Screen	467
27.2.2 Entering the Password	468
27.3 Navigating the SMT Interface	468
27.3.1 Main Menu	469
27.3.2 SMT Menus Overview	471
27.4 Changing the System Password	472
27.5 Resetting the ZyWALL	473
SMT Menu 1 - General Setup	475
28.1 Introduction to General Setup	475
28.2 Configuring General Setup	475
28.2.1 Configuring Dynamic DNS	476
28.2.1.1 Editing DDNS Host	477
WAN and Dial Backup Setup	481
29.1 Introduction to WAN and Dial Backup Setup	481
29.2 WAN Setup	481
29.3 Dial Backup	482
29.4 Configuring Dial Backup in Menu 2	482
29.5 Advanced WAN Setup	483
29.6 Remote Node Profile (Backup ISP)	485
29.7 Editing TCP/IP Options	487
29.8 Editing Login Script	488
29.9 Remote Node Filter	489
LAN Setup	491
30.1 Introduction to LAN Setup	491
30.2 Accessing the LAN Menus	491
30.3 LAN Port Filter Setup	491
30.4 TCP/IP and DHCP Ethernet Setup Menu	492
30.4.1 IP Alias Setup	495
Internet Access	497
31.1 Introduction to Internet Access Setup	497
31.2 Ethernet Encapsulation	497
31.3 Configuring the PPTP Client	499
31.4 Configuring the PPPoE Client	499
31.5 Basic Setup Complete	500
DMZ Setup	501
32.1 Configuring DMZ Setup	501
32.2 DMZ Port Filter Setup	501
32.3 TCP/IP Setup	502
32.3.1 IP Address	502
32.3.2 IP Alias Setup	503
Wireless Setup	505
33.1 TCP/IP Setup	505
33.1.1 IP Address	505
33.1.2 IP Alias Setup	506
Remote Node Setup	509
34.1 Introduction to Remote Node Setup	509
34.2 Remote Node Setup	509
34.3 Remote Node Profile Setup	509
34.3.1 Ethernet Encapsulation	510
34.3.2 PPPoE Encapsulation	511
34.3.2.1 Outgoing Authentication Protocol	512
34.3.2.2 Nailed-Up Connection	512
34.3.2.3 Metric	513
34.3.3 PPTP Encapsulation	513
34.4 Edit IP	514
34.5 Remote Node Filter	516
34.6 Traffic Redirect	517
IP Static Route Setup	519
35.1 IP Static Route Setup	519
Network Address Translation (NAT)	521
36.1 Using NAT	521
36.1.1 SUA (Single User Account) Versus NAT	521
36.1.2 Applying NAT	521
36.2 NAT Setup	523
36.2.1 Address Mapping Sets	523
36.2.1.1 SUA Address Mapping Set	524
36.2.1.2 User-Defined Address Mapping Sets	525
36.2.1.3 Ordering Your Rules	526
36.3 Configuring a Server behind NAT	528
36.4 General NAT Examples	530
36.4.1 Internet Access Only	530
36.4.2 Example 2: Internet Access with a Default Server	532
36.4.3 Example 3: Multiple Public IP Addresses With Inside Servers	532
36.4.4 Example 4: NAT Unfriendly Application Programs	536
36.5 Trigger Port Forwarding	537
36.5.1 Two Points To Remember About Trigger Ports	537
Introducing the ZyWALL Firewall	539
37.1 Using ZyWALL SMT Menus	539
37.1.1 Activating the Firewall	539
Filter Configuration	541
38.1 Introduction to Filters	541
38.1.1 The Filter Structure of the ZyWALL	542
38.2 Configuring a Filter Set	544
38.2.1 Configuring a Filter Rule	546
38.2.2 Configuring a TCP/IP Filter Rule	546
38.2.3 Configuring a Generic Filter Rule	549
38.3 Example Filter	550
38.4 Filter Types and NAT	552
38.5 Firewall Versus Filters	552
38.5.1 Packet Filtering:	552
38.5.1.1 When To Use Filtering	553
38.5.2 Firewall	553
38.5.2.1 When To Use The Firewall	553
38.6 Applying a Filter	553
38.6.1 Applying LAN Filters	554
38.6.2 Applying DMZ Filters	554
38.6.3 Applying Remote Node Filters	555
SNMP Configuration	557
39.1 SNMP Configuration	557
39.2 SNMP Traps	558
System Information & Diagnosis	559
40.1 Introduction to System Status	559
40.2 System Status	559
40.3 System Information and Console Port Speed	561
40.3.1 System Information	561
40.3.2 Console Port Speed	562
40.4 Log and Trace	562
40.4.1 Viewing Error Log	562
40.4.2 Syslog Logging	563
40.4.3 Call-Triggering Packet	566
40.5 Diagnostic	567
40.5.1 WAN DHCP	568
Firmware and Configuration File Maintenance	571
41.1 Introduction	571
41.2 Filename Conventions	571
41.3 Backup Configuration	572
41.3.1 Backup Configuration	572
41.3.2 Using the FTP Command from the Command Line	573
41.3.3 Example of FTP Commands from the Command Line	574
41.3.4 GUI-based FTP Clients	574
41.3.5 File Maintenance Over WAN	574
41.3.6 Backup Configuration Using TFTP	575
41.3.7 TFTP Command Example	575
41.3.8 GUI-based TFTP Clients	575
41.3.9 Backup Via Console Port	576
41.4 Restore Configuration	577
41.4.1 Restore Using FTP	577
41.4.2 Restore Using FTP Session Example	578
41.4.3 Restore Via Console Port	579
41.5 Uploading Firmware and Configuration Files	579
41.5.1 Firmware File Upload	580
41.5.2 Configuration File Upload	580
41.5.3 FTP File Upload Command from the DOS Prompt Example	581
41.5.4 FTP Session Example of Firmware File Upload	582
41.5.5 TFTP File Upload	582
41.5.6 TFTP Upload Command Example	583
41.5.7 Uploading Via Console Port	583
41.5.8 Uploading Firmware File Via Console Port	583
41.5.9 Example Xmodem Firmware Upload Using HyperTerminal	583
41.5.10 Uploading Configuration File Via Console Port	584
41.5.11 Example Xmodem Configuration Upload Using HyperTerminal	585
System Maintenance Menus 8 to 10	587
42.1 Command Interpreter Mode	587
42.1.1 Command Syntax	588
42.1.2 Command Usage	588
42.2 Call Control Support	589
42.2.1 Budget Management	589
42.2.2 Call History	590
42.3 Time and Date Setting	591
Remote Management	595
43.1 Remote Management	595
43.1.1 Remote Management Limitations	597
Call Scheduling	599
44.1 Introduction to Call Scheduling	599
Troubleshooting and Specifications	603
Troubleshooting	605
45.1 Power, Hardware Connections, and LEDs	605
45.2 ZyWALL Access and Login	606
45.3 Internet Access	608
45.4 Wireless Router/AP Troubleshooting	610

Match case Limit results 1 per page

Chapter 25 Logs Screens

ZyWALL 2 Plus User’s Guide

437

teardrop UDP

The firewall detected an UDP teardrop attack.

teardrop ICMP (type:%d,

code:%d)

The firewall detected an ICMP teardrop attack.

illegal command TCP

The firewall detected a TCP illegal command attack.

NetBIOS TCP

The firewall detected a TCP NetBIOS attack.

ip spoofing - no routing

entry [ TCP | UDP | IGMP

| ESP | GRE | OSPF ]

The firewall classified a packet with no source routing entry as an

IP spoofing attack.

ip spoofing - no routing

entry ICMP (type:%d,

code:%d)

The firewall classified an ICMP packet with no source routing

entry as an IP spoofing attack.

vulnerability ICMP

(type:%d, code:%d)

The firewall detected an ICMP vulnerability attack.

traceroute ICMP (type:%d,

code:%d)

The firewall detected an ICMP traceroute attack.

ports scan UDP

The firewall detected a UDP port scan attack.

Firewall sent TCP packet

in response to DoS attack

TCP

The firewall sent TCP packet in response to a DoS attack

ICMP Source Quench ICMP

The firewall detected an ICMP Source Quench attack.

ICMP Time Exceed ICMP

The firewall detected an ICMP Time Exceed attack.

ICMP Destination

Unreachable ICMP

The firewall detected an ICMP Destination Unreachable attack.

ping of death. ICMP

The firewall detected an ICMP ping of death attack.

smurf ICMP

The firewall detected an ICMP smurf attack.

IP address in FTP port

command is different from

the client IP address. It

maybe a bounce attack.

The IP address in an FTP port command is different from the

client IP address. It may be a bounce attack.

Fragment packet size is

smaller than the MTU size

of output interface.

The fragment packet size is smaller than the MTU size of output

interface.

Table 145

Remote Management Logs

LOG MESSAGE

DESCRIPTION

Remote Management: FTP denied

Attempted use of FTP service was blocked according to

remote management settings.

Remote Management: TELNET denied

Attempted use of TELNET service was blocked

according to remote management settings.

Remote Management: HTTP or UPnP

denied

Attempted use of HTTP or UPnP service was blocked

according to remote management settings.

Remote Management: WWW denied

Attempted use of WWW service was blocked according

to remote management settings.

Table 144

Attack Logs (continued)

LOG MESSAGE

DESCRIPTION