ZyXEL Communications 1000 User Manual

 Chapter 34 IDP
ZyWALL USG 1000 User’s Guide
Table 153   Configuration > Anti-X > IDP > Profile > Group View (continued)

LABEL
    DESCRIPTION

Action
    To edit what action the ZyWALL takes when a packet matches a signature,
    select the signature and use the Action icon.

    none: Select this action on an individual signature or a complete service
    group to have the ZyWALL take no action when a packet matches the
    signature(s).

    drop: Select this action on an individual signature or a complete service
    group to have the ZyWALL silently drop a packet that matches the
    signature(s). Neither sender nor receiver is notified.

    reject-sender: Select this action on an individual signature or a complete
    service group to have the ZyWALL send a reset to the sender when a
    packet matches the signature. If it is a TCP attack packet, the ZyWALL will
    send a packet with a ‘RST’ flag. If it is an ICMP or UDP attack packet, the
    ZyWALL will send an ICMP unreachable packet.

    reject-receiver: Select this action on an individual signature or a
    complete service group to have the ZyWALL send a reset to the receiver
    when a packet matches the signature. If it is a TCP attack packet, the
    ZyWALL will send a packet with a ‘RST’ flag. If it is an ICMP or UDP
    attack packet, the ZyWALL will do nothing.

    reject-both: Select this action on an individual signature or a complete
    service group to have the ZyWALL send a reset to both the sender and
    receiver when a packet matches the signature. If it is a TCP attack packet,
    the ZyWALL will send a packet with a ‘RST’ flag to the receiver and sender.
    If it is an ICMP or UDP attack packet, the ZyWALL will send an ICMP
    unreachable packet.

#
    This is the entry’s index number in the list.

Status
    The activate (light bulb) icon is lit when the entry is active and dimmed
    when the entry is inactive.

Service
    Click the + sign next to a service group to expand it. A service group is a
    group of related IDP signatures.

Message
    This is the name of the signature.

SID
    This is the signature ID (identification) number that uniquely identifies a
    ZyWALL signature.

Severity
    These are the severities as defined in the ZyWALL. The number in brackets
    is the number you use if using commands.

    Severe (5): These denote attacks that try to run arbitrary code or gain
    system privileges.

    High (4): These denote known serious vulnerabilities or attacks that are
    probably not false alarms.

    Medium (3): These denote medium threats, access control attacks or
    attacks that could be false alarms.

    Low (2): These denote mild threats or attacks that could be false alarms.

    Very Low (1): These denote possible attacks caused by traffic such as
    Ping, trace route, ICMP queries etc.

Policy Type
    This is the attack type as defined on the ZyWALL. See  for a description
    of each type.
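
An added example, not taken from the ZyXEL guide: Python code that encodes the action semantics in this table and audits a constructed profile listing for high-severity signatures that are inactive or set to none, and for reject actions that send nothing (reject-receiver on UDP or ICMP). The record fields, the proto field, the lowercase severity names and the SIDs are assumptions made for illustration.

```python
# Added example: record layout, field names and SIDs are assumptions,
# not a ZyWALL export format.
SEVERITY = {"severe": 5, "high": 4, "medium": 3, "low": 2, "very-low": 1}
ACTIONS = {"none", "drop", "reject-sender", "reject-receiver", "reject-both"}

def notifications(action, proto):
    """Return (to_sender, to_receiver) sent when a packet matches."""
    if action not in ACTIONS:
        raise ValueError(f"unknown action: {action}")
    tcp = proto == "tcp"
    if action == "reject-sender":
        return ("RST" if tcp else "ICMP unreachable", None)
    if action == "reject-receiver":
        return (None, "RST" if tcp else None)  # UDP/ICMP: nothing is sent
    if action == "reject-both":
        # For UDP/ICMP the table does not say which side gets the ICMP
        # unreachable; the sender is assumed here, as with reject-sender.
        return ("RST", "RST") if tcp else ("ICMP unreachable", None)
    return (None, None)  # none and drop: neither side is notified

def audit(profile, min_severity=4):
    """List (sid, problem) pairs for entries that leave a gap in coverage."""
    findings = []
    for sig in profile:
        level = SEVERITY[sig["severity"]]
        if level >= min_severity and not sig["active"]:
            findings.append((sig["sid"], "inactive at severity %d" % level))
        elif level >= min_severity and sig["action"] == "none":
            findings.append((sig["sid"], "no action at severity %d" % level))
        silent = notifications(sig["action"], sig["proto"]) == (None, None)
        if sig["active"] and sig["action"].startswith("reject") and silent:
            findings.append((sig["sid"], "reject action sends nothing for " + sig["proto"]))
    return findings

# Constructed sample profile; every value below is made up.
PROFILE = [
    {"sid": 900001, "severity": "severe", "action": "none", "active": True, "proto": "tcp"},
    {"sid": 900002, "severity": "high", "action": "drop", "active": False, "proto": "tcp"},
    {"sid": 900003, "severity": "medium", "action": "reject-receiver", "active": True, "proto": "udp"},
    {"sid": 900004, "severity": "high", "action": "reject-both", "active": True, "proto": "tcp"},
]

if __name__ == "__main__":
    for sid, problem in audit(PROFILE):
        print(sid, problem)
```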