Command Reference Guide Global Configuration Mode Command Set
61200510L1-35E Copyright © 2005 ADTRAN 417
Attacks that send TCP URG
packets Yes Any TCP packets that have the URG flag set
are discarded by the firewall. Winnuke, TCP
XMAS Scan
Falsified IP Header Attacks No The firewall verifies that the packet’s actual
length matches the length indicated in the IP
header. If it does not, the packet is dropped.
Jolt/Jolt2
Echo No All UDP echo packets are discarded by the
firewall. Char Gen
Land Attack No Any packets with the same source and
destination IP addresses are discarded. Land Attack
Broadcast Source IP No Packets with a broadcast source IP address
are discarded.
Invalid TCP Initiation Requests No TCP SYN packets that have ack, urg rst, or
fin flags set are discarded.
Invalid TCP Segment Number No The sequence numbers for every active TCP
session are maintained in the firewall
session database. If the firewall received a
segment with an unexpected (or invalid)
sequence number, the packet is dropped.
IP Source Route Option No All IP packets containing the IP source route
option are dropped.