In a large ICMP packet attack, an attacker uses large ICMP packets to attack target systems. When receiving such packets, certain systems crash, stop responding, or restart due to the improper processing of the packets.
In a large ICMP packet attack, the attacker uses large ICMP packets to attack the target systems. After receiving such packets, certain systems may crash, stop responding, or restart due to improper processing of the packets.
The maximum sizes of allowed ICMP packets can be configured as required. When the sizes of the actual ICMP packets are larger than the values, the FW regards that large ICMP packet attacks occur and discards the packets.
firewall defend large-icmp max-length [ length ]
Parameter length identifies whether an ICMP packet is large. If the length of the ICMP packet exceeds length, the packet is regarded as a large one and then discarded.
If the value of length is not set, the default value is 4000 (bytes).