{"id":119,"date":"2022-04-25T07:31:32","date_gmt":"2022-04-25T11:31:32","guid":{"rendered":"https:\/\/pressbooks.bccampus.ca\/paloalto\/?post_type=chapter&#038;p=119"},"modified":"2026-02-19T15:36:04","modified_gmt":"2026-02-19T20:36:04","slug":"deal-with-bad-actors","status":"publish","type":"chapter","link":"https:\/\/pressbooks.bccampus.ca\/paloalto\/chapter\/deal-with-bad-actors\/","title":{"raw":"2.2 Deal with Bad Actors","rendered":"2.2 Deal with Bad Actors"},"content":{"raw":"<div class=\"textbox textbox--learning-objectives\"><header class=\"textbox__header\">\r\n<p class=\"textbox__title\">Learning Objectives<\/p>\r\n\r\n<\/header>\r\n<div class=\"textbox__content\">\r\n<ul>\r\n \t<li>Restrict certain websites<\/li>\r\n \t<li>Deal with DoS floods<\/li>\r\n<\/ul>\r\n<\/div>\r\n<\/div>\r\n<div class=\"textbox\">\r\n\r\n<strong>Prerequisites<\/strong>:\r\n<ul>\r\n \t<li>SNAT for the Internet<\/li>\r\n \t<li>Security policy for Inside to Outside<\/li>\r\n \t<li>Interface configuration<\/li>\r\n \t<li>Knowledge of previous labs<\/li>\r\n<\/ul>\r\n<\/div>\r\n<div class=\"textbox shaded\">\r\n\r\n<strong>Scenario<\/strong>: In this lab, we will learn how to block a specific website and how to prevent script kiddies from succeeding with the infinite ping tool they downloaded from the sketchiest site you've ever seen. Kali acts like an attacker machine and we are going to attack the firewall through port Ethernet1\/2. Then, we'll enable DoS Prevention in the firewall to prevent attacks.\r\n\r\n<\/div>\r\n\r\n[caption id=\"attachment_197\" align=\"aligncenter\" width=\"1164\"]<img class=\"wp-image-197 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-07-28-image.png\" alt=\"Main scenario\" width=\"1164\" height=\"604\" \/> Figure 2.6: Main scenario[\/caption]\r\n<table class=\"grid\" style=\"border-collapse: collapse;width: 100%;height: 107px\" border=\"0\"><caption>Table 2.3: Addressing Table<\/caption>\r\n<tbody>\r\n<tr style=\"height: 15px\">\r\n<th style=\"width: 50%;height: 15px\" scope=\"col\">Device<\/th>\r\n<th style=\"width: 50%;height: 15px\" scope=\"col\">Configuration<\/th>\r\n<\/tr>\r\n<tr style=\"height: 47px\">\r\n<td style=\"width: 50%;height: 47px\">PaloAlto-1<\/td>\r\n<td style=\"width: 50%;height: 47px\">management: 192.168.0.1\/24\r\nEthernet1\/1: 10.0.0.1\/24\r\nEthernet1\/2: DHCP<\/td>\r\n<\/tr>\r\n<tr style=\"height: 15px\">\r\n<td style=\"width: 50%;height: 15px\">Client (webterm)<\/td>\r\n<td style=\"width: 50%;height: 15px\">eth0: 10.0.0.2\/24 GW: 10.0.0.1\u00a0DNS: 8.8.8.8<\/td>\r\n<\/tr>\r\n<tr style=\"height: 15px\">\r\n<td style=\"width: 50%;height: 15px\">Management (webterm)<\/td>\r\n<td style=\"width: 50%;height: 15px\">eth0: 192.168.0.2\/24<\/td>\r\n<\/tr>\r\n<tr style=\"height: 15px\">\r\n<td style=\"width: 50%;height: 15px\">KaliLinux2019-3-1<\/td>\r\n<td style=\"width: 50%;height: 15px\">eth0: DHCP<\/td>\r\n<\/tr>\r\n<\/tbody>\r\n<\/table>\r\n<table class=\"grid\" style=\"border-collapse: collapse;width: 100%\" border=\"0\"><caption>Table 2.4: Zone Configuration<\/caption>\r\n<tbody>\r\n<tr>\r\n<th style=\"width: 50%\" scope=\"col\">Zone<\/th>\r\n<th style=\"width: 50%\" scope=\"col\">Interfaces<\/th>\r\n<\/tr>\r\n<tr>\r\n<td style=\"width: 50%\">Inside<\/td>\r\n<td style=\"width: 50%\">Ethernet1\/1<\/td>\r\n<\/tr>\r\n<tr>\r\n<td style=\"width: 50%\">Outside<\/td>\r\n<td style=\"width: 50%\">Ethernet1\/2<\/td>\r\n<\/tr>\r\n<\/tbody>\r\n<\/table>\r\n<h2>Create a URL Category<\/h2>\r\nUnder<strong> object &gt; custom objects &gt; URL category<\/strong>, click <strong>Add<\/strong>. Click cancel on the pop-up.\r\n\r\n[caption id=\"attachment_198\" align=\"aligncenter\" width=\"1026\"]<img class=\"wp-image-198 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-21-06-image.png\" alt=\"Create a Custom URL Category\" width=\"1026\" height=\"830\" \/> Figure 2.7: Create a Custom URL Category[\/caption]\r\n\r\nHere we can block 5, 6, or multiple sites. But here we will use just 1. Give it a name, then click <strong>Add<\/strong>.\r\n\r\n[caption id=\"attachment_620\" align=\"aligncenter\" width=\"1026\"]<img class=\"wp-image-620 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/1-1.jpg\" alt=\"Add a CustomURL Category\" width=\"1026\" height=\"830\" \/> Figure 2.8: Add a CustomURL Category[\/caption]\r\n\r\nEnter some websites you would like to block. Here I have added a sample website <a href=\"https:\/\/www.thegreattechadventure.com\">(www.thegreattechadventure.com)<\/a> you can also use wildcards if you want.\r\n\r\nAfter you're done. Click <strong>OK<\/strong>.\r\n<h2>Block a Website<\/h2>\r\nUnder <strong>Policies &gt; Security<\/strong>. Click <strong>Add<\/strong>:\r\n\r\n[caption id=\"attachment_382\" align=\"aligncenter\" width=\"1026\"]<img class=\"wp-image-382 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/NAT3.jpg\" alt=\"Add a security policy\" width=\"1026\" height=\"830\" \/> Figure 2.9: Add a security policy[\/caption]\r\n\r\nUnder the source tab, add the Inside zone under the source zone:\r\n\r\n[caption id=\"attachment_201\" align=\"aligncenter\" width=\"1026\"]<img class=\"wp-image-201 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-33-28-image.png\" alt=\"Add a Source Zone\" width=\"1026\" height=\"830\" \/> Figure 2.10: Add a Source Zone[\/caption]\r\n\r\nUnder the destination tab, add the Outside zone under the destination zone:\r\n\r\n[caption id=\"attachment_202\" align=\"aligncenter\" width=\"1026\"]<img class=\"wp-image-202 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-33-53-image.png\" alt=\"Add a Destination Zone\" width=\"1026\" height=\"830\" \/> Figure 2.11: Add a Destination Zone[\/caption]\r\n\r\nUnder the <strong>Service\/URL<\/strong> Category tab, add the created URL category you created in the previous step.\r\n\r\n[caption id=\"attachment_621\" align=\"aligncenter\" width=\"1026\"]<img class=\"wp-image-621 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2.jpg\" alt=\"Assign URL Category\" width=\"1026\" height=\"830\" \/> Figure 2.12: Assign URL Category[\/caption]\r\n\r\nUnder the actions page, set the action to deny.\r\n\r\n[caption id=\"attachment_386\" align=\"aligncenter\" width=\"1026\"]<img class=\"wp-image-386 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec2.jpg\" alt=\"Set an Action to Deny\" width=\"1026\" height=\"830\" \/> Figure 2.13: Set an Action to Deny[\/caption]\r\n\r\nThen click <strong>OK<\/strong>.\r\n<h2>Enable Block Pages<\/h2>\r\nUnder <strong>Device &gt; Response pages<\/strong>. Click on Disabled beside Application Block Page.\r\n\r\n[caption id=\"attachment_387\" align=\"aligncenter\" width=\"1026\"]<img class=\"wp-image-387 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec3.jpg\" alt=\"Enabling Application Block Page\" width=\"1026\" height=\"830\" \/> Figure 2.14: Enabling Application Block Page[\/caption]\r\n\r\n<span style=\"background-color: #ffff00\">Enable the checkbox, then press <strong>OK<\/strong>.<\/span>\r\n\r\n[caption id=\"attachment_206\" align=\"aligncenter\" width=\"1026\"]<img class=\"wp-image-206 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-38-58-image.png\" alt=\"Enabling Application Block Page\" width=\"1026\" height=\"830\" \/> Figure 2.15: Enabling Application Block Page[\/caption]\r\n\r\nMake sure to commit your changes!\r\n<h2>Test the Blocked URL<\/h2>\r\nOpen up Firefox on the Client machine, and try to connect to the URL you blocked. If all is right, you should see a blocked page.\r\n\r\n[caption id=\"attachment_207\" align=\"aligncenter\" width=\"1026\"]<img class=\"wp-image-207 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-41-38-image.png\" alt=\"Application Block Page\" width=\"1026\" height=\"830\" \/> Figure 2.16: Application Block Page[\/caption]\r\n\r\nIf you see this page, that is alright too!\r\n\r\n[caption id=\"attachment_208\" align=\"aligncenter\" width=\"1026\"]<img class=\"wp-image-208 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-42-15-image.png\" alt=\"Application Block Page\" width=\"1026\" height=\"830\" \/> Figure 2.17: Application Block Page[\/caption]\r\n<h2>Set Up Kali to Be a Bad Actor<\/h2>\r\nAfter entering into the live graphical environment and testing for internet connection. Open up the terminal.\r\n\r\n[caption id=\"attachment_209\" align=\"aligncenter\" width=\"1026\"]<img class=\"wp-image-209 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-44-16-image.png\" alt=\"Open up Terminal in Kali\" width=\"1026\" height=\"830\" \/> Figure 2.18: Open up Terminal in Kali[\/caption]\r\n\r\nWe will be using <a href=\"https:\/\/github.com\/GinjaChris\/pentmenu\">Pentmenu by GinjaChris<\/a> to demonstrate a flood. Run these commands to download and run the application:\r\n<div class=\"textbox shaded\"><span style=\"color: #000000\"><code>#git clone https:\/\/github.com\/GinjaChris\/pentmenu<\/code><\/span>\r\n<span style=\"color: #000000\"><code>#cd pentmenu<\/code><\/span>\r\n<span style=\"color: #000000\"><code>#chmod +x pentmenu<\/code><\/span>\r\n<span style=\"color: #000000\"><code>#.\/pentmenu<\/code><\/span><\/div>\r\n\r\n[caption id=\"attachment_210\" align=\"aligncenter\" width=\"1026\"]<img class=\"wp-image-210 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-56-14-image.png\" alt=\"PentMenu app\" width=\"1026\" height=\"830\" \/> Figure 2.19: PentMenu app[\/caption]\r\n\r\nSelect option 2 for DoS attack.\r\n\r\n[caption id=\"attachment_211\" align=\"aligncenter\" width=\"1026\"]<img class=\"wp-image-211 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-57-05-image.png\" alt=\"PentMenu app - Select DOS(2)\" width=\"1026\" height=\"830\" \/> Figure 2.20: PentMenu app - Select DoS (2)[\/caption]\r\n\r\nSelect option 1 for ICMP Echo Flood.\r\n\r\n[caption id=\"attachment_212\" align=\"aligncenter\" width=\"1026\"]<img class=\"wp-image-212 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-57-43-image.png\" alt=\"PentMenu app - Select ICMP Echo Flood(1)\" width=\"1026\" height=\"830\" \/> Figure 2.21: PentMenu app - Select ICMP Echo Flood(1)[\/caption]\r\n\r\nFor the IP, use the IP of the interface in the outside zone. It should be in the 192.168.122.0\/24 range.\r\n\r\n[caption id=\"attachment_388\" align=\"aligncenter\" width=\"1819\"]<img class=\"wp-image-388 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec4.jpg\" alt=\"PentMenu app - Enter Target IP address\" width=\"1819\" height=\"794\" \/> Figure 2.22: PentMenu app - Enter Target IP address[\/caption]\r\n\r\nSelect r for random IP address.\r\n\r\n[caption id=\"attachment_214\" align=\"aligncenter\" width=\"1026\"]<img class=\"wp-image-214 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-01-02-image.png\" alt=\"PentMenu app - Enter r for random IP address\" width=\"1026\" height=\"829\" \/> Figure 2.23: PentMenu app - Enter r for random IP address[\/caption]\r\n\r\nAfter about 2 seconds, press <strong>Ctrl+C.<\/strong>\r\n<h2>Analyze the ICMP Flood<\/h2>\r\nBack on the Management machine, go under <strong>Monitor &gt; Session browser<\/strong>.\r\n\r\n[caption id=\"attachment_216\" align=\"aligncenter\" width=\"1026\"]<img class=\"wp-image-216 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-05-43-image.png\" alt=\" Verify session logs\" width=\"1026\" height=\"830\" \/> Figure 2.24: Verify session logs[\/caption]\r\n\r\nAs you can see, there are many entries here for ping. We want to prevent floods like these.\r\n<h2>Create a DoS Protection Profile<\/h2>\r\nUnder <strong>Objects &gt; Security Profiles &gt; DoS Protection<\/strong>. Click Add.\r\n\r\n[caption id=\"attachment_389\" align=\"aligncenter\" width=\"1026\"]<img class=\"wp-image-389 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec5.jpg\" alt=\" Create a DOS Protection\" width=\"1026\" height=\"830\" \/> Figure 2.25: Create a DoS Protection[\/caption]\r\n\r\nSet the type to Classified and under Flood protection, click the checkbox on the <strong>SYN Flood<\/strong>, <strong>UDP Flood<\/strong>, and <strong>ICMP Flood<\/strong> tabs.\r\n\r\n[caption id=\"attachment_391\" align=\"aligncenter\" width=\"1026\"]<img class=\"wp-image-391 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec6.2.jpg\" alt=\"SYN Flood Protection\" width=\"1026\" height=\"830\" \/> Figure 2.26: SYN Flood Protection[\/caption]\r\n\r\nAfter that, click <strong>OK<\/strong>.\r\n<h2>Apply the DoS Protection Profile<\/h2>\r\nUnder <strong>Policies &gt; Dos Protection<\/strong>. Click <strong>Add<\/strong>.\r\n\r\n[caption id=\"attachment_392\" align=\"aligncenter\" width=\"1026\"]<img class=\"wp-image-392 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec7.jpg\" alt=\" Add a DoS Protection Rule\" width=\"1026\" height=\"830\" \/> Figure 2.27: Add a DoS Protection Rule[\/caption]\r\n\r\nUnder the Source tab, add the Outside zone.\r\n\r\n[caption id=\"attachment_220\" align=\"aligncenter\" width=\"1026\"]<img class=\"wp-image-220 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-13-35-image.png\" alt=\"Add the Source Zone\" width=\"1026\" height=\"830\" \/> Figure 2.28: Add the Source Zone[\/caption]\r\n\r\nUnder the Destination tab, add the Inside zone.\r\n\r\n[caption id=\"attachment_221\" align=\"aligncenter\" width=\"1026\"]<img class=\"wp-image-221 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-14-15-image.png\" alt=\"Add the Destination Zone\" width=\"1026\" height=\"830\" \/> Figure 2.29: Add the Destination Zone[\/caption]\r\n\r\nUnder the <strong>Option\/Protection<\/strong> tab, configure these settings:\r\n<table class=\"grid\" style=\"border-collapse: collapse;width: 100%;height: 120px\" border=\"0\"><caption>Table 2.5: DoS Rule Protection Configuration<\/caption>\r\n<tbody>\r\n<tr style=\"height: 15px\">\r\n<th style=\"width: 50%;height: 15px\" scope=\"col\">Parameter<\/th>\r\n<th style=\"width: 50%;height: 15px\" scope=\"col\">Value<\/th>\r\n<\/tr>\r\n<tr style=\"height: 15px\">\r\n<td style=\"width: 50%;height: 15px\">Action<\/td>\r\n<td style=\"width: 50%;height: 15px\">Protect<\/td>\r\n<\/tr>\r\n<tr style=\"height: 15px\">\r\n<td style=\"width: 50%;height: 15px\">Schedule<\/td>\r\n<td style=\"width: 50%;height: 15px\">None<\/td>\r\n<\/tr>\r\n<tr style=\"height: 15px\">\r\n<td style=\"width: 50%;height: 15px\">Log Forwarding<\/td>\r\n<td style=\"width: 50%;height: 15px\">None<\/td>\r\n<\/tr>\r\n<tr style=\"height: 15px\">\r\n<td style=\"width: 50%;height: 15px\">Aggregate<\/td>\r\n<td style=\"width: 50%;height: 15px\">None<\/td>\r\n<\/tr>\r\n<tr style=\"height: 15px\">\r\n<td style=\"width: 50%;height: 15px\">Classified<\/td>\r\n<td style=\"width: 50%;height: 15px\"><em>Tick this box<\/em><\/td>\r\n<\/tr>\r\n<tr style=\"height: 15px\">\r\n<td style=\"width: 50%;height: 15px\">Profile<\/td>\r\n<td style=\"width: 50%;height: 15px\"><em>The name of the one you created<\/em><\/td>\r\n<\/tr>\r\n<tr style=\"height: 15px\">\r\n<td style=\"width: 50%;height: 15px\">Address<\/td>\r\n<td style=\"width: 50%;height: 15px\">source-IP-only<\/td>\r\n<\/tr>\r\n<\/tbody>\r\n<\/table>\r\n[caption id=\"attachment_222\" align=\"aligncenter\" width=\"1026\"]<img class=\"wp-image-222 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-17-49-image.png\" alt=\"DoS Rule - Option\/Policies\" width=\"1026\" height=\"830\" \/> Figure 2.30: DoS Rule - Option\/Policies[\/caption]\r\n\r\nThen click <strong>OK<\/strong>.\r\n<h2>Create a Zone Protection Profile<\/h2>\r\nUnder <strong>Network &gt; Network Profiles &gt; Zone Protection<\/strong>. Click <strong>Add<\/strong>.\r\n\r\n[caption id=\"attachment_393\" align=\"aligncenter\" width=\"1026\"]<img class=\"wp-image-393 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec8.jpg\" alt=\"Add a Zone Protection\" width=\"1026\" height=\"830\" \/> Figure 2.31: Add a Zone Protection[\/caption]\r\n\r\nUnder the flood protection tab, tick <strong>SYN<\/strong>, <strong>ICMP<\/strong>, and <strong>UDP<\/strong>.\r\n\r\n[caption id=\"attachment_224\" align=\"aligncenter\" width=\"1026\"]<img class=\"wp-image-224 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-18-37-image.png\" alt=\"Add a Flood Protection\" width=\"1026\" height=\"830\" \/> Figure 2.32: Add a Flood Protection[\/caption]\r\n\r\nUnder the Reconnaissance Protection tab, tick enables on all boxes, and change the action to block.\r\n\r\n[caption id=\"attachment_225\" align=\"aligncenter\" width=\"1026\"]<img class=\"wp-image-225 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-20-40-image.png\" alt=\"Set UDP Port Scan\" width=\"1026\" height=\"830\" \/> Figure 2.33: Set UDP Port Scan[\/caption]\r\n\r\nUnder the Packet Based Attack Protection tab, under the IP drop subtab, tick on <strong>Spoofed IP address<\/strong> and <strong>Strict IP Address<\/strong> Check.\r\n\r\n[caption id=\"attachment_226\" align=\"aligncenter\" width=\"1026\"]<img class=\"wp-image-226 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-23-19-image.png\" alt=\"Enable Spoof IP address and Strict Address Check\" width=\"1026\" height=\"830\" \/> Figure 2.34: Enable Spoof IP address and Strict Address Check[\/caption]\r\n\r\nUnder the Packet Based Attack Protection tab, under the TCP drop subtab, tick on <strong>TCP SYN with Data<\/strong> and <strong>TCP SYNACK with Data<\/strong>.\r\n\r\n[caption id=\"attachment_227\" align=\"aligncenter\" width=\"1026\"]<img class=\"wp-image-227 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-24-19-image.png\" alt=\"Enable TCP SYN with Data\" width=\"1026\" height=\"830\" \/> Figure 2.35: Enable TCP SYN with Data[\/caption]\r\n\r\nUnder the Packet Based Attack Protection tab, under the ICMP drop subtab, tick on<strong> ICMP Ping ID 0<\/strong>,<strong> ICMP Fragment<\/strong>, and <strong>ICMP Large Packet(&gt;1024).<\/strong>\r\n\r\n[caption id=\"attachment_228\" align=\"aligncenter\" width=\"1026\"]<img class=\"wp-image-228 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-25-24-image.png\" alt=\"Enable ICMP Ping ID 0, ICMP Fragment\" width=\"1026\" height=\"830\" \/> Figure 2.36: Enable ICMP Ping ID 0, ICMP Fragment[\/caption]\r\n\r\nThen click <strong>OK<\/strong>.\r\n<h2>Apply a Zone Protection Profile<\/h2>\r\nUnder <strong>Network &gt; Zones<\/strong>. Click on the Outside Zone.\r\n\r\n[caption id=\"attachment_394\" align=\"aligncenter\" width=\"1024\"]<img class=\"wp-image-394 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec9.jpg\" alt=\"Create an Outside zone\" width=\"1024\" height=\"769\" \/> Figure 2.37: Create an Outside zone[\/caption]\r\n\r\nUnder the Zone Protection category, select the profile you just created.\r\n\r\n[caption id=\"attachment_395\" align=\"aligncenter\" width=\"1026\"]<img class=\"wp-image-395 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec10.jpg\" alt=\"Enable Zone Protection under Outside Zone\" width=\"1026\" height=\"830\" \/> Figure 2.38: Enable Zone Protection under Outside Zone[\/caption]\r\n\r\nClick <strong>OK<\/strong>.\r\n\r\nDon't forget to commit your changes!\r\n<h2>Test the DoS Protection<\/h2>\r\nRun Pentmenu again using the previous options, then <strong>Ctrl+C<\/strong> after 3 seconds.\r\n\r\n[caption id=\"attachment_231\" align=\"aligncenter\" width=\"1026\"]<img class=\"wp-image-231 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-54-06-image.png\" alt=\"Running PentMenu\" width=\"1026\" height=\"829\" \/> Figure 2.39: Running PentMenu[\/caption]\r\n\r\nUnder <strong>Monitor &gt; Logs &gt; Threat<\/strong>. You should see an entry for an ICMP flood.\r\n\r\n[caption id=\"attachment_232\" align=\"aligncenter\" width=\"1026\"]<img class=\"wp-image-232 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-54-49-image.png\" alt=\"Verify logs\" width=\"1026\" height=\"830\" \/> Figure 2.40: Verify logs[\/caption]","rendered":"<div class=\"textbox textbox--learning-objectives\">\n<header class=\"textbox__header\">\n<p class=\"textbox__title\">Learning Objectives<\/p>\n<\/header>\n<div class=\"textbox__content\">\n<ul>\n<li>Restrict certain websites<\/li>\n<li>Deal with DoS floods<\/li>\n<\/ul>\n<\/div>\n<\/div>\n<div class=\"textbox\">\n<p><strong>Prerequisites<\/strong>:<\/p>\n<ul>\n<li>SNAT for the Internet<\/li>\n<li>Security policy for Inside to Outside<\/li>\n<li>Interface configuration<\/li>\n<li>Knowledge of previous labs<\/li>\n<\/ul>\n<\/div>\n<div class=\"textbox shaded\">\n<p><strong>Scenario<\/strong>: In this lab, we will learn how to block a specific website and how to prevent script kiddies from succeeding with the infinite ping tool they downloaded from the sketchiest site you&#8217;ve ever seen. Kali acts like an attacker machine and we are going to attack the firewall through port Ethernet1\/2. Then, we&#8217;ll enable DoS Prevention in the firewall to prevent attacks.<\/p>\n<\/div>\n<figure id=\"attachment_197\" aria-describedby=\"caption-attachment-197\" style=\"width: 1164px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-197 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-07-28-image.png\" alt=\"Main scenario\" width=\"1164\" height=\"604\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-07-28-image.png 1164w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-07-28-image-300x156.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-07-28-image-1024x531.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-07-28-image-768x399.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-07-28-image-65x34.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-07-28-image-225x117.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-07-28-image-350x182.png 350w\" sizes=\"auto, (max-width: 1164px) 100vw, 1164px\" \/><figcaption id=\"caption-attachment-197\" class=\"wp-caption-text\">Figure 2.6: Main scenario<\/figcaption><\/figure>\n<table class=\"grid\" style=\"border-collapse: collapse;width: 100%;height: 107px\">\n<caption>Table 2.3: Addressing Table<\/caption>\n<tbody>\n<tr style=\"height: 15px\">\n<th style=\"width: 50%;height: 15px\" scope=\"col\">Device<\/th>\n<th style=\"width: 50%;height: 15px\" scope=\"col\">Configuration<\/th>\n<\/tr>\n<tr style=\"height: 47px\">\n<td style=\"width: 50%;height: 47px\">PaloAlto-1<\/td>\n<td style=\"width: 50%;height: 47px\">management: 192.168.0.1\/24<br \/>\nEthernet1\/1: 10.0.0.1\/24<br \/>\nEthernet1\/2: DHCP<\/td>\n<\/tr>\n<tr style=\"height: 15px\">\n<td style=\"width: 50%;height: 15px\">Client (webterm)<\/td>\n<td style=\"width: 50%;height: 15px\">eth0: 10.0.0.2\/24 GW: 10.0.0.1\u00a0DNS: 8.8.8.8<\/td>\n<\/tr>\n<tr style=\"height: 15px\">\n<td style=\"width: 50%;height: 15px\">Management (webterm)<\/td>\n<td style=\"width: 50%;height: 15px\">eth0: 192.168.0.2\/24<\/td>\n<\/tr>\n<tr style=\"height: 15px\">\n<td style=\"width: 50%;height: 15px\">KaliLinux2019-3-1<\/td>\n<td style=\"width: 50%;height: 15px\">eth0: DHCP<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<table class=\"grid\" style=\"border-collapse: collapse;width: 100%\">\n<caption>Table 2.4: Zone Configuration<\/caption>\n<tbody>\n<tr>\n<th style=\"width: 50%\" scope=\"col\">Zone<\/th>\n<th style=\"width: 50%\" scope=\"col\">Interfaces<\/th>\n<\/tr>\n<tr>\n<td style=\"width: 50%\">Inside<\/td>\n<td style=\"width: 50%\">Ethernet1\/1<\/td>\n<\/tr>\n<tr>\n<td style=\"width: 50%\">Outside<\/td>\n<td style=\"width: 50%\">Ethernet1\/2<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2>Create a URL Category<\/h2>\n<p>Under<strong> object &gt; custom objects &gt; URL category<\/strong>, click <strong>Add<\/strong>. Click cancel on the pop-up.<\/p>\n<figure id=\"attachment_198\" aria-describedby=\"caption-attachment-198\" style=\"width: 1026px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-198 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-21-06-image.png\" alt=\"Create a Custom URL Category\" width=\"1026\" height=\"830\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-21-06-image.png 1026w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-21-06-image-300x243.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-21-06-image-1024x828.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-21-06-image-768x621.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-21-06-image-65x53.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-21-06-image-225x182.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-21-06-image-350x283.png 350w\" sizes=\"auto, (max-width: 1026px) 100vw, 1026px\" \/><figcaption id=\"caption-attachment-198\" class=\"wp-caption-text\">Figure 2.7: Create a Custom URL Category<\/figcaption><\/figure>\n<p>Here we can block 5, 6, or multiple sites. But here we will use just 1. Give it a name, then click <strong>Add<\/strong>.<\/p>\n<figure id=\"attachment_620\" aria-describedby=\"caption-attachment-620\" style=\"width: 1026px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-620 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/1-1.jpg\" alt=\"Add a CustomURL Category\" width=\"1026\" height=\"830\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/1-1.jpg 1026w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/1-1-300x243.jpg 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/1-1-1024x828.jpg 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/1-1-768x621.jpg 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/1-1-65x53.jpg 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/1-1-225x182.jpg 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/1-1-350x283.jpg 350w\" sizes=\"auto, (max-width: 1026px) 100vw, 1026px\" \/><figcaption id=\"caption-attachment-620\" class=\"wp-caption-text\">Figure 2.8: Add a CustomURL Category<\/figcaption><\/figure>\n<p>Enter some websites you would like to block. Here I have added a sample website <a href=\"https:\/\/www.thegreattechadventure.com\">(www.thegreattechadventure.com)<\/a> you can also use wildcards if you want.<\/p>\n<p>After you&#8217;re done. Click <strong>OK<\/strong>.<\/p>\n<h2>Block a Website<\/h2>\n<p>Under <strong>Policies &gt; Security<\/strong>. Click <strong>Add<\/strong>:<\/p>\n<figure id=\"attachment_382\" aria-describedby=\"caption-attachment-382\" style=\"width: 1026px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-382 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/NAT3.jpg\" alt=\"Add a security policy\" width=\"1026\" height=\"830\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/NAT3.jpg 1026w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/NAT3-300x243.jpg 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/NAT3-1024x828.jpg 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/NAT3-768x621.jpg 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/NAT3-65x53.jpg 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/NAT3-225x182.jpg 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/NAT3-350x283.jpg 350w\" sizes=\"auto, (max-width: 1026px) 100vw, 1026px\" \/><figcaption id=\"caption-attachment-382\" class=\"wp-caption-text\">Figure 2.9: Add a security policy<\/figcaption><\/figure>\n<p>Under the source tab, add the Inside zone under the source zone:<\/p>\n<figure id=\"attachment_201\" aria-describedby=\"caption-attachment-201\" style=\"width: 1026px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-201 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-33-28-image.png\" alt=\"Add a Source Zone\" width=\"1026\" height=\"830\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-33-28-image.png 1026w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-33-28-image-300x243.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-33-28-image-1024x828.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-33-28-image-768x621.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-33-28-image-65x53.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-33-28-image-225x182.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-33-28-image-350x283.png 350w\" sizes=\"auto, (max-width: 1026px) 100vw, 1026px\" \/><figcaption id=\"caption-attachment-201\" class=\"wp-caption-text\">Figure 2.10: Add a Source Zone<\/figcaption><\/figure>\n<p>Under the destination tab, add the Outside zone under the destination zone:<\/p>\n<figure id=\"attachment_202\" aria-describedby=\"caption-attachment-202\" style=\"width: 1026px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-202 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-33-53-image.png\" alt=\"Add a Destination Zone\" width=\"1026\" height=\"830\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-33-53-image.png 1026w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-33-53-image-300x243.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-33-53-image-1024x828.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-33-53-image-768x621.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-33-53-image-65x53.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-33-53-image-225x182.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-33-53-image-350x283.png 350w\" sizes=\"auto, (max-width: 1026px) 100vw, 1026px\" \/><figcaption id=\"caption-attachment-202\" class=\"wp-caption-text\">Figure 2.11: Add a Destination Zone<\/figcaption><\/figure>\n<p>Under the <strong>Service\/URL<\/strong> Category tab, add the created URL category you created in the previous step.<\/p>\n<figure id=\"attachment_621\" aria-describedby=\"caption-attachment-621\" style=\"width: 1026px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-621 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2.jpg\" alt=\"Assign URL Category\" width=\"1026\" height=\"830\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2.jpg 1026w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2-300x243.jpg 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2-1024x828.jpg 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2-768x621.jpg 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2-65x53.jpg 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2-225x182.jpg 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2-350x283.jpg 350w\" sizes=\"auto, (max-width: 1026px) 100vw, 1026px\" \/><figcaption id=\"caption-attachment-621\" class=\"wp-caption-text\">Figure 2.12: Assign URL Category<\/figcaption><\/figure>\n<p>Under the actions page, set the action to deny.<\/p>\n<figure id=\"attachment_386\" aria-describedby=\"caption-attachment-386\" style=\"width: 1026px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-386 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec2.jpg\" alt=\"Set an Action to Deny\" width=\"1026\" height=\"830\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec2.jpg 1026w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec2-300x243.jpg 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec2-1024x828.jpg 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec2-768x621.jpg 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec2-65x53.jpg 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec2-225x182.jpg 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec2-350x283.jpg 350w\" sizes=\"auto, (max-width: 1026px) 100vw, 1026px\" \/><figcaption id=\"caption-attachment-386\" class=\"wp-caption-text\">Figure 2.13: Set an Action to Deny<\/figcaption><\/figure>\n<p>Then click <strong>OK<\/strong>.<\/p>\n<h2>Enable Block Pages<\/h2>\n<p>Under <strong>Device &gt; Response pages<\/strong>. Click on Disabled beside Application Block Page.<\/p>\n<figure id=\"attachment_387\" aria-describedby=\"caption-attachment-387\" style=\"width: 1026px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-387 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec3.jpg\" alt=\"Enabling Application Block Page\" width=\"1026\" height=\"830\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec3.jpg 1026w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec3-300x243.jpg 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec3-1024x828.jpg 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec3-768x621.jpg 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec3-65x53.jpg 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec3-225x182.jpg 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec3-350x283.jpg 350w\" sizes=\"auto, (max-width: 1026px) 100vw, 1026px\" \/><figcaption id=\"caption-attachment-387\" class=\"wp-caption-text\">Figure 2.14: Enabling Application Block Page<\/figcaption><\/figure>\n<p><span style=\"background-color: #ffff00\">Enable the checkbox, then press <strong>OK<\/strong>.<\/span><\/p>\n<figure id=\"attachment_206\" aria-describedby=\"caption-attachment-206\" style=\"width: 1026px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-206 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-38-58-image.png\" alt=\"Enabling Application Block Page\" width=\"1026\" height=\"830\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-38-58-image.png 1026w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-38-58-image-300x243.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-38-58-image-1024x828.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-38-58-image-768x621.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-38-58-image-65x53.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-38-58-image-225x182.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-38-58-image-350x283.png 350w\" sizes=\"auto, (max-width: 1026px) 100vw, 1026px\" \/><figcaption id=\"caption-attachment-206\" class=\"wp-caption-text\">Figure 2.15: Enabling Application Block Page<\/figcaption><\/figure>\n<p>Make sure to commit your changes!<\/p>\n<h2>Test the Blocked URL<\/h2>\n<p>Open up Firefox on the Client machine, and try to connect to the URL you blocked. If all is right, you should see a blocked page.<\/p>\n<figure id=\"attachment_207\" aria-describedby=\"caption-attachment-207\" style=\"width: 1026px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-207 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-41-38-image.png\" alt=\"Application Block Page\" width=\"1026\" height=\"830\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-41-38-image.png 1026w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-41-38-image-300x243.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-41-38-image-1024x828.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-41-38-image-768x621.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-41-38-image-65x53.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-41-38-image-225x182.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-41-38-image-350x283.png 350w\" sizes=\"auto, (max-width: 1026px) 100vw, 1026px\" \/><figcaption id=\"caption-attachment-207\" class=\"wp-caption-text\">Figure 2.16: Application Block Page<\/figcaption><\/figure>\n<p>If you see this page, that is alright too!<\/p>\n<figure id=\"attachment_208\" aria-describedby=\"caption-attachment-208\" style=\"width: 1026px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-208 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-42-15-image.png\" alt=\"Application Block Page\" width=\"1026\" height=\"830\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-42-15-image.png 1026w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-42-15-image-300x243.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-42-15-image-1024x828.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-42-15-image-768x621.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-42-15-image-65x53.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-42-15-image-225x182.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-42-15-image-350x283.png 350w\" sizes=\"auto, (max-width: 1026px) 100vw, 1026px\" \/><figcaption id=\"caption-attachment-208\" class=\"wp-caption-text\">Figure 2.17: Application Block Page<\/figcaption><\/figure>\n<h2>Set Up Kali to Be a Bad Actor<\/h2>\n<p>After entering into the live graphical environment and testing for internet connection. Open up the terminal.<\/p>\n<figure id=\"attachment_209\" aria-describedby=\"caption-attachment-209\" style=\"width: 1026px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-209 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-44-16-image.png\" alt=\"Open up Terminal in Kali\" width=\"1026\" height=\"830\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-44-16-image.png 1026w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-44-16-image-300x243.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-44-16-image-1024x828.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-44-16-image-768x621.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-44-16-image-65x53.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-44-16-image-225x182.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-44-16-image-350x283.png 350w\" sizes=\"auto, (max-width: 1026px) 100vw, 1026px\" \/><figcaption id=\"caption-attachment-209\" class=\"wp-caption-text\">Figure 2.18: Open up Terminal in Kali<\/figcaption><\/figure>\n<p>We will be using <a href=\"https:\/\/github.com\/GinjaChris\/pentmenu\">Pentmenu by GinjaChris<\/a> to demonstrate a flood. Run these commands to download and run the application:<\/p>\n<div class=\"textbox shaded\"><span style=\"color: #000000\"><code>#git clone https:\/\/github.com\/GinjaChris\/pentmenu<\/code><\/span><br \/>\n<span style=\"color: #000000\"><code>#cd pentmenu<\/code><\/span><br \/>\n<span style=\"color: #000000\"><code>#chmod +x pentmenu<\/code><\/span><br \/>\n<span style=\"color: #000000\"><code>#.\/pentmenu<\/code><\/span><\/div>\n<figure id=\"attachment_210\" aria-describedby=\"caption-attachment-210\" style=\"width: 1026px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-210 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-56-14-image.png\" alt=\"PentMenu app\" width=\"1026\" height=\"830\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-56-14-image.png 1026w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-56-14-image-300x243.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-56-14-image-1024x828.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-56-14-image-768x621.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-56-14-image-65x53.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-56-14-image-225x182.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-56-14-image-350x283.png 350w\" sizes=\"auto, (max-width: 1026px) 100vw, 1026px\" \/><figcaption id=\"caption-attachment-210\" class=\"wp-caption-text\">Figure 2.19: PentMenu app<\/figcaption><\/figure>\n<p>Select option 2 for DoS attack.<\/p>\n<figure id=\"attachment_211\" aria-describedby=\"caption-attachment-211\" style=\"width: 1026px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-211 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-57-05-image.png\" alt=\"PentMenu app - Select DOS(2)\" width=\"1026\" height=\"830\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-57-05-image.png 1026w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-57-05-image-300x243.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-57-05-image-1024x828.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-57-05-image-768x621.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-57-05-image-65x53.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-57-05-image-225x182.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-57-05-image-350x283.png 350w\" sizes=\"auto, (max-width: 1026px) 100vw, 1026px\" \/><figcaption id=\"caption-attachment-211\" class=\"wp-caption-text\">Figure 2.20: PentMenu app &#8211; Select DoS (2)<\/figcaption><\/figure>\n<p>Select option 1 for ICMP Echo Flood.<\/p>\n<figure id=\"attachment_212\" aria-describedby=\"caption-attachment-212\" style=\"width: 1026px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-212 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-57-43-image.png\" alt=\"PentMenu app - Select ICMP Echo Flood(1)\" width=\"1026\" height=\"830\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-57-43-image.png 1026w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-57-43-image-300x243.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-57-43-image-1024x828.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-57-43-image-768x621.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-57-43-image-65x53.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-57-43-image-225x182.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-00-57-43-image-350x283.png 350w\" sizes=\"auto, (max-width: 1026px) 100vw, 1026px\" \/><figcaption id=\"caption-attachment-212\" class=\"wp-caption-text\">Figure 2.21: PentMenu app &#8211; Select ICMP Echo Flood(1)<\/figcaption><\/figure>\n<p>For the IP, use the IP of the interface in the outside zone. It should be in the 192.168.122.0\/24 range.<\/p>\n<figure id=\"attachment_388\" aria-describedby=\"caption-attachment-388\" style=\"width: 1819px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-388 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec4.jpg\" alt=\"PentMenu app - Enter Target IP address\" width=\"1819\" height=\"794\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec4.jpg 1819w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec4-300x131.jpg 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec4-1024x447.jpg 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec4-768x335.jpg 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec4-1536x670.jpg 1536w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec4-65x28.jpg 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec4-225x98.jpg 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec4-350x153.jpg 350w\" sizes=\"auto, (max-width: 1819px) 100vw, 1819px\" \/><figcaption id=\"caption-attachment-388\" class=\"wp-caption-text\">Figure 2.22: PentMenu app &#8211; Enter Target IP address<\/figcaption><\/figure>\n<p>Select r for random IP address.<\/p>\n<figure id=\"attachment_214\" aria-describedby=\"caption-attachment-214\" style=\"width: 1026px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-214 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-01-02-image.png\" alt=\"PentMenu app - Enter r for random IP address\" width=\"1026\" height=\"829\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-01-02-image.png 1026w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-01-02-image-300x242.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-01-02-image-1024x827.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-01-02-image-768x621.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-01-02-image-65x53.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-01-02-image-225x182.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-01-02-image-350x283.png 350w\" sizes=\"auto, (max-width: 1026px) 100vw, 1026px\" \/><figcaption id=\"caption-attachment-214\" class=\"wp-caption-text\">Figure 2.23: PentMenu app &#8211; Enter r for random IP address<\/figcaption><\/figure>\n<p>After about 2 seconds, press <strong>Ctrl+C.<\/strong><\/p>\n<h2>Analyze the ICMP Flood<\/h2>\n<p>Back on the Management machine, go under <strong>Monitor &gt; Session browser<\/strong>.<\/p>\n<figure id=\"attachment_216\" aria-describedby=\"caption-attachment-216\" style=\"width: 1026px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-216 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-05-43-image.png\" alt=\"Verify session logs\" width=\"1026\" height=\"830\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-05-43-image.png 1026w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-05-43-image-300x243.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-05-43-image-1024x828.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-05-43-image-768x621.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-05-43-image-65x53.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-05-43-image-225x182.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-05-43-image-350x283.png 350w\" sizes=\"auto, (max-width: 1026px) 100vw, 1026px\" \/><figcaption id=\"caption-attachment-216\" class=\"wp-caption-text\">Figure 2.24: Verify session logs<\/figcaption><\/figure>\n<p>As you can see, there are many entries here for ping. We want to prevent floods like these.<\/p>\n<h2>Create a DoS Protection Profile<\/h2>\n<p>Under <strong>Objects &gt; Security Profiles &gt; DoS Protection<\/strong>. Click Add.<\/p>\n<figure id=\"attachment_389\" aria-describedby=\"caption-attachment-389\" style=\"width: 1026px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-389 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec5.jpg\" alt=\"Create a DOS Protection\" width=\"1026\" height=\"830\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec5.jpg 1026w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec5-300x243.jpg 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec5-1024x828.jpg 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec5-768x621.jpg 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec5-65x53.jpg 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec5-225x182.jpg 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec5-350x283.jpg 350w\" sizes=\"auto, (max-width: 1026px) 100vw, 1026px\" \/><figcaption id=\"caption-attachment-389\" class=\"wp-caption-text\">Figure 2.25: Create a DoS Protection<\/figcaption><\/figure>\n<p>Set the type to Classified and under Flood protection, click the checkbox on the <strong>SYN Flood<\/strong>, <strong>UDP Flood<\/strong>, and <strong>ICMP Flood<\/strong> tabs.<\/p>\n<figure id=\"attachment_391\" aria-describedby=\"caption-attachment-391\" style=\"width: 1026px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-391 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec6.2.jpg\" alt=\"SYN Flood Protection\" width=\"1026\" height=\"830\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec6.2.jpg 1026w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec6.2-300x243.jpg 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec6.2-1024x828.jpg 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec6.2-768x621.jpg 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec6.2-65x53.jpg 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec6.2-225x182.jpg 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec6.2-350x283.jpg 350w\" sizes=\"auto, (max-width: 1026px) 100vw, 1026px\" \/><figcaption id=\"caption-attachment-391\" class=\"wp-caption-text\">Figure 2.26: SYN Flood Protection<\/figcaption><\/figure>\n<p>After that, click <strong>OK<\/strong>.<\/p>\n<h2>Apply the DoS Protection Profile<\/h2>\n<p>Under <strong>Policies &gt; Dos Protection<\/strong>. Click <strong>Add<\/strong>.<\/p>\n<figure id=\"attachment_392\" aria-describedby=\"caption-attachment-392\" style=\"width: 1026px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-392 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec7.jpg\" alt=\"Add a DoS Protection Rule\" width=\"1026\" height=\"830\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec7.jpg 1026w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec7-300x243.jpg 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec7-1024x828.jpg 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec7-768x621.jpg 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec7-65x53.jpg 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec7-225x182.jpg 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec7-350x283.jpg 350w\" sizes=\"auto, (max-width: 1026px) 100vw, 1026px\" \/><figcaption id=\"caption-attachment-392\" class=\"wp-caption-text\">Figure 2.27: Add a DoS Protection Rule<\/figcaption><\/figure>\n<p>Under the Source tab, add the Outside zone.<\/p>\n<figure id=\"attachment_220\" aria-describedby=\"caption-attachment-220\" style=\"width: 1026px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-220 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-13-35-image.png\" alt=\"Add the Source Zone\" width=\"1026\" height=\"830\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-13-35-image.png 1026w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-13-35-image-300x243.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-13-35-image-1024x828.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-13-35-image-768x621.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-13-35-image-65x53.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-13-35-image-225x182.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-13-35-image-350x283.png 350w\" sizes=\"auto, (max-width: 1026px) 100vw, 1026px\" \/><figcaption id=\"caption-attachment-220\" class=\"wp-caption-text\">Figure 2.28: Add the Source Zone<\/figcaption><\/figure>\n<p>Under the Destination tab, add the Inside zone.<\/p>\n<figure id=\"attachment_221\" aria-describedby=\"caption-attachment-221\" style=\"width: 1026px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-221 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-14-15-image.png\" alt=\"Add the Destination Zone\" width=\"1026\" height=\"830\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-14-15-image.png 1026w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-14-15-image-300x243.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-14-15-image-1024x828.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-14-15-image-768x621.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-14-15-image-65x53.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-14-15-image-225x182.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-14-15-image-350x283.png 350w\" sizes=\"auto, (max-width: 1026px) 100vw, 1026px\" \/><figcaption id=\"caption-attachment-221\" class=\"wp-caption-text\">Figure 2.29: Add the Destination Zone<\/figcaption><\/figure>\n<p>Under the <strong>Option\/Protection<\/strong> tab, configure these settings:<\/p>\n<table class=\"grid\" style=\"border-collapse: collapse;width: 100%;height: 120px\">\n<caption>Table 2.5: DoS Rule Protection Configuration<\/caption>\n<tbody>\n<tr style=\"height: 15px\">\n<th style=\"width: 50%;height: 15px\" scope=\"col\">Parameter<\/th>\n<th style=\"width: 50%;height: 15px\" scope=\"col\">Value<\/th>\n<\/tr>\n<tr style=\"height: 15px\">\n<td style=\"width: 50%;height: 15px\">Action<\/td>\n<td style=\"width: 50%;height: 15px\">Protect<\/td>\n<\/tr>\n<tr style=\"height: 15px\">\n<td style=\"width: 50%;height: 15px\">Schedule<\/td>\n<td style=\"width: 50%;height: 15px\">None<\/td>\n<\/tr>\n<tr style=\"height: 15px\">\n<td style=\"width: 50%;height: 15px\">Log Forwarding<\/td>\n<td style=\"width: 50%;height: 15px\">None<\/td>\n<\/tr>\n<tr style=\"height: 15px\">\n<td style=\"width: 50%;height: 15px\">Aggregate<\/td>\n<td style=\"width: 50%;height: 15px\">None<\/td>\n<\/tr>\n<tr style=\"height: 15px\">\n<td style=\"width: 50%;height: 15px\">Classified<\/td>\n<td style=\"width: 50%;height: 15px\"><em>Tick this box<\/em><\/td>\n<\/tr>\n<tr style=\"height: 15px\">\n<td style=\"width: 50%;height: 15px\">Profile<\/td>\n<td style=\"width: 50%;height: 15px\"><em>The name of the one you created<\/em><\/td>\n<\/tr>\n<tr style=\"height: 15px\">\n<td style=\"width: 50%;height: 15px\">Address<\/td>\n<td style=\"width: 50%;height: 15px\">source-IP-only<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<figure id=\"attachment_222\" aria-describedby=\"caption-attachment-222\" style=\"width: 1026px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-222 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-17-49-image.png\" alt=\"DoS Rule - Option\/Policies\" width=\"1026\" height=\"830\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-17-49-image.png 1026w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-17-49-image-300x243.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-17-49-image-1024x828.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-17-49-image-768x621.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-17-49-image-65x53.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-17-49-image-225x182.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-17-49-image-350x283.png 350w\" sizes=\"auto, (max-width: 1026px) 100vw, 1026px\" \/><figcaption id=\"caption-attachment-222\" class=\"wp-caption-text\">Figure 2.30: DoS Rule &#8211; Option\/Policies<\/figcaption><\/figure>\n<p>Then click <strong>OK<\/strong>.<\/p>\n<h2>Create a Zone Protection Profile<\/h2>\n<p>Under <strong>Network &gt; Network Profiles &gt; Zone Protection<\/strong>. Click <strong>Add<\/strong>.<\/p>\n<figure id=\"attachment_393\" aria-describedby=\"caption-attachment-393\" style=\"width: 1026px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-393 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec8.jpg\" alt=\"Add a Zone Protection\" width=\"1026\" height=\"830\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec8.jpg 1026w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec8-300x243.jpg 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec8-1024x828.jpg 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec8-768x621.jpg 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec8-65x53.jpg 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec8-225x182.jpg 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec8-350x283.jpg 350w\" sizes=\"auto, (max-width: 1026px) 100vw, 1026px\" \/><figcaption id=\"caption-attachment-393\" class=\"wp-caption-text\">Figure 2.31: Add a Zone Protection<\/figcaption><\/figure>\n<p>Under the flood protection tab, tick <strong>SYN<\/strong>, <strong>ICMP<\/strong>, and <strong>UDP<\/strong>.<\/p>\n<figure id=\"attachment_224\" aria-describedby=\"caption-attachment-224\" style=\"width: 1026px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-224 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-18-37-image.png\" alt=\"Add a Flood Protection\" width=\"1026\" height=\"830\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-18-37-image.png 1026w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-18-37-image-300x243.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-18-37-image-1024x828.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-18-37-image-768x621.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-18-37-image-65x53.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-18-37-image-225x182.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-18-37-image-350x283.png 350w\" sizes=\"auto, (max-width: 1026px) 100vw, 1026px\" \/><figcaption id=\"caption-attachment-224\" class=\"wp-caption-text\">Figure 2.32: Add a Flood Protection<\/figcaption><\/figure>\n<p>Under the Reconnaissance Protection tab, tick enables on all boxes, and change the action to block.<\/p>\n<figure id=\"attachment_225\" aria-describedby=\"caption-attachment-225\" style=\"width: 1026px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-225 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-20-40-image.png\" alt=\"Set UDP Port Scan\" width=\"1026\" height=\"830\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-20-40-image.png 1026w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-20-40-image-300x243.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-20-40-image-1024x828.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-20-40-image-768x621.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-20-40-image-65x53.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-20-40-image-225x182.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-20-40-image-350x283.png 350w\" sizes=\"auto, (max-width: 1026px) 100vw, 1026px\" \/><figcaption id=\"caption-attachment-225\" class=\"wp-caption-text\">Figure 2.33: Set UDP Port Scan<\/figcaption><\/figure>\n<p>Under the Packet Based Attack Protection tab, under the IP drop subtab, tick on <strong>Spoofed IP address<\/strong> and <strong>Strict IP Address<\/strong> Check.<\/p>\n<figure id=\"attachment_226\" aria-describedby=\"caption-attachment-226\" style=\"width: 1026px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-226 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-23-19-image.png\" alt=\"Enable Spoof IP address and Strict Address Check\" width=\"1026\" height=\"830\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-23-19-image.png 1026w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-23-19-image-300x243.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-23-19-image-1024x828.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-23-19-image-768x621.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-23-19-image-65x53.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-23-19-image-225x182.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-23-19-image-350x283.png 350w\" sizes=\"auto, (max-width: 1026px) 100vw, 1026px\" \/><figcaption id=\"caption-attachment-226\" class=\"wp-caption-text\">Figure 2.34: Enable Spoof IP address and Strict Address Check<\/figcaption><\/figure>\n<p>Under the Packet Based Attack Protection tab, under the TCP drop subtab, tick on <strong>TCP SYN with Data<\/strong> and <strong>TCP SYNACK with Data<\/strong>.<\/p>\n<figure id=\"attachment_227\" aria-describedby=\"caption-attachment-227\" style=\"width: 1026px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-227 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-24-19-image.png\" alt=\"Enable TCP SYN with Data\" width=\"1026\" height=\"830\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-24-19-image.png 1026w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-24-19-image-300x243.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-24-19-image-1024x828.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-24-19-image-768x621.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-24-19-image-65x53.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-24-19-image-225x182.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-24-19-image-350x283.png 350w\" sizes=\"auto, (max-width: 1026px) 100vw, 1026px\" \/><figcaption id=\"caption-attachment-227\" class=\"wp-caption-text\">Figure 2.35: Enable TCP SYN with Data<\/figcaption><\/figure>\n<p>Under the Packet Based Attack Protection tab, under the ICMP drop subtab, tick on<strong> ICMP Ping ID 0<\/strong>,<strong> ICMP Fragment<\/strong>, and <strong>ICMP Large Packet(&gt;1024).<\/strong><\/p>\n<figure id=\"attachment_228\" aria-describedby=\"caption-attachment-228\" style=\"width: 1026px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-228 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-25-24-image.png\" alt=\"Enable ICMP Ping ID 0, ICMP Fragment\" width=\"1026\" height=\"830\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-25-24-image.png 1026w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-25-24-image-300x243.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-25-24-image-1024x828.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-25-24-image-768x621.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-25-24-image-65x53.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-25-24-image-225x182.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-25-24-image-350x283.png 350w\" sizes=\"auto, (max-width: 1026px) 100vw, 1026px\" \/><figcaption id=\"caption-attachment-228\" class=\"wp-caption-text\">Figure 2.36: Enable ICMP Ping ID 0, ICMP Fragment<\/figcaption><\/figure>\n<p>Then click <strong>OK<\/strong>.<\/p>\n<h2>Apply a Zone Protection Profile<\/h2>\n<p>Under <strong>Network &gt; Zones<\/strong>. Click on the Outside Zone.<\/p>\n<figure id=\"attachment_394\" aria-describedby=\"caption-attachment-394\" style=\"width: 1024px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-394 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec9.jpg\" alt=\"Create an Outside zone\" width=\"1024\" height=\"769\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec9.jpg 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec9-300x225.jpg 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec9-768x577.jpg 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec9-65x49.jpg 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec9-225x169.jpg 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec9-350x263.jpg 350w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption id=\"caption-attachment-394\" class=\"wp-caption-text\">Figure 2.37: Create an Outside zone<\/figcaption><\/figure>\n<p>Under the Zone Protection category, select the profile you just created.<\/p>\n<figure id=\"attachment_395\" aria-describedby=\"caption-attachment-395\" style=\"width: 1026px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-395 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec10.jpg\" alt=\"Enable Zone Protection under Outside Zone\" width=\"1026\" height=\"830\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec10.jpg 1026w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec10-300x243.jpg 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec10-1024x828.jpg 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec10-768x621.jpg 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec10-65x53.jpg 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec10-225x182.jpg 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/Sec10-350x283.jpg 350w\" sizes=\"auto, (max-width: 1026px) 100vw, 1026px\" \/><figcaption id=\"caption-attachment-395\" class=\"wp-caption-text\">Figure 2.38: Enable Zone Protection under Outside Zone<\/figcaption><\/figure>\n<p>Click <strong>OK<\/strong>.<\/p>\n<p>Don&#8217;t forget to commit your changes!<\/p>\n<h2>Test the DoS Protection<\/h2>\n<p>Run Pentmenu again using the previous options, then <strong>Ctrl+C<\/strong> after 3 seconds.<\/p>\n<figure id=\"attachment_231\" aria-describedby=\"caption-attachment-231\" style=\"width: 1026px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-231 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-54-06-image.png\" alt=\"Running PentMenu\" width=\"1026\" height=\"829\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-54-06-image.png 1026w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-54-06-image-300x242.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-54-06-image-1024x827.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-54-06-image-768x621.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-54-06-image-65x53.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-54-06-image-225x182.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-54-06-image-350x283.png 350w\" sizes=\"auto, (max-width: 1026px) 100vw, 1026px\" \/><figcaption id=\"caption-attachment-231\" class=\"wp-caption-text\">Figure 2.39: Running PentMenu<\/figcaption><\/figure>\n<p>Under <strong>Monitor &gt; Logs &gt; Threat<\/strong>. You should see an entry for an ICMP flood.<\/p>\n<figure id=\"attachment_232\" aria-describedby=\"caption-attachment-232\" style=\"width: 1026px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-232 size-full\" src=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-54-49-image.png\" alt=\"Verify logs\" width=\"1026\" height=\"830\" srcset=\"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-54-49-image.png 1026w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-54-49-image-300x243.png 300w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-54-49-image-1024x828.png 1024w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-54-49-image-768x621.png 768w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-54-49-image-65x53.png 65w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-54-49-image-225x182.png 225w, https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-content\/uploads\/sites\/1640\/2022\/04\/2022-04-23-01-54-49-image-350x283.png 350w\" sizes=\"auto, (max-width: 1026px) 100vw, 1026px\" \/><figcaption id=\"caption-attachment-232\" class=\"wp-caption-text\">Figure 2.40: Verify logs<\/figcaption><\/figure>\n","protected":false},"author":1572,"menu_order":2,"template":"","meta":{"pb_show_title":"on","pb_short_title":"","pb_subtitle":"","pb_authors":[],"pb_section_license":""},"chapter-type":[],"contributor":[],"license":[],"class_list":["post-119","chapter","type-chapter","status-publish","hentry"],"part":115,"_links":{"self":[{"href":"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-json\/pressbooks\/v2\/chapters\/119","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-json\/pressbooks\/v2\/chapters"}],"about":[{"href":"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-json\/wp\/v2\/types\/chapter"}],"author":[{"embeddable":true,"href":"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-json\/wp\/v2\/users\/1572"}],"version-history":[{"count":25,"href":"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-json\/pressbooks\/v2\/chapters\/119\/revisions"}],"predecessor-version":[{"id":1218,"href":"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-json\/pressbooks\/v2\/chapters\/119\/revisions\/1218"}],"part":[{"href":"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-json\/pressbooks\/v2\/parts\/115"}],"metadata":[{"href":"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-json\/pressbooks\/v2\/chapters\/119\/metadata\/"}],"wp:attachment":[{"href":"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-json\/wp\/v2\/media?parent=119"}],"wp:term":[{"taxonomy":"chapter-type","embeddable":true,"href":"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-json\/pressbooks\/v2\/chapter-type?post=119"},{"taxonomy":"contributor","embeddable":true,"href":"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-json\/wp\/v2\/contributor?post=119"},{"taxonomy":"license","embeddable":true,"href":"https:\/\/pressbooks.bccampus.ca\/paloalto\/wp-json\/wp\/v2\/license?post=119"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}