AIX firewall capabilities
ITEM: RTA000153580
Q:
Topic thread:
RALEIGH NETWORKING SUPPORT CENTER (RALY - NA/ATS)
IBM COMMERCEPOINT
IBM eNetwork Firewall V3.2 for AIX
A customer has submitted a Request for Proposal looking for the
following capabilities in our AIX firewall:
- IP Fragmentation control
- Protection from Teardrop, TCP Syn Flood, Ping of Death
- Dynamic IP ports control (RPC, SQL*Net V2, Netbios)
Can the IBM firewall provide these? Thanks.
A:
IP Fragmentation control is handled by the IBM Firewall via one of
the pre-defined services. The Firewall administrator can determine
multiple possibilities on how fragmented IP packets can be handled.
By making selections via the Firewall GUI for Fragmentation control,
the Firewall rules are automatically generated.
Teardrop, Ping of Death, etc. are all various forms of 'denial of
service' attacks, and most of these attacks are successful when
there is no firewall in place to protect an enterprise's network.
Another reason these attacks can be successful is that targeted systems
have not been patched by their system administrator when new fixes
against these attacks become available. But when a firewall is put in
place, it reduces the exposure to denial-of-service attacks because it
prevents rogue packets from flowing into the secure packets. Worst
case, the Firewall may shut down as a result of this attack, but the
internal network would be safe; therefore, the firewall has done its
job properly.
The Dynamic IP ports control I'll have to research. I'll update the
PMR as soon as I have an answer, and try to get something to you by
tomorrow.
Thanks for using ASKQ!
Search keywords:
denial of service
ping of death
teardrop attack
WWQA: ITEM: RTA000153580
Dated: 11/1998 Category: FIREWAIX
This HTML file was generated 99/06/24~12:43:41