- CheckMates
- :
- Products
- :
- Quantum
- :
- SMB Gateways (Spark)
- :
- Re: SMB IPS Max Ping Size Attack
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
SMB IPS Max Ping Size Attack
During the tests for CPs WatchTower App, i found a most interesting entry in Statistics:
Who is responsible for this traffic ? In logs i could see that my iPhone, connected to SMB wireless, has sent the package to LAN6 Switch where the Wireless network is defined. Why that ? Unclear RFC ?
But we have exceptions ready:
Since that was defined, no more Max Ping Size Attack has occured 😀 !
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Probably worth a TAC case.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Same here.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Was a TAC opened for this? I've seen this on previous firmwares about the same attack.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I believe I've verified that one of my sites with this message receives these hits from a Samsung Mobile device. I feel like maybe Samsung tries to do some connectivity tests when on WiFi that CheckPoint doesn't like. Not sure if anyone else can see the same thing.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Large ping to the default gateway is common in mobile devices.
Just bypass this protection from your wireless networks to the gateway.
