ZyXEL Communications 1000 User Manual
Chapter 34 IDP
ZyWALL USG 1000 User’s Guide
590
34.8.2 Custom Signature Example
Before creating a custom signature, you must first clearly understand the
vulnerability.
vulnerability.
34.8.2.1 Understand the Vulnerability
Check the ZyWALL logs when the attack occurs. Use web sites such as Google or
Security Focus to get as much information about the attack as you can. The more
specific your signature, the less chance it will cause false positives.
Security Focus to get as much information about the attack as you can. The more
specific your signature, the less chance it will cause false positives.
As an example, say you want to check if your router is being overloaded with DNS
queries so you create a signature to detect DNS query traffic.
queries so you create a signature to detect DNS query traffic.
OK
Click this button to save your changes to the ZyWALL and return to
the summary screen.
the summary screen.
Cancel
Click this button to return to the summary screen without saving any
changes.
changes.
Table 159 Configuration > Anti-X > IDP > Custom Signatures > Add/Edit (continued)
LABEL
DESCRIPTION