User manual
Chapter 34 IDP
ZyWALL USG 300 User’s Guide
616
34.8.2 Custom Signature Example
Before creating a custom signature, you must first clearly understand the
vulnerability.
34.8.2.1 Understand the Vulnerability
Check the ZyWALL logs when the attack occurs. Use web sites such as Google or
Security Focus to get as much information about the attack as you can. The more
specific your signature, the less chance it will cause false positives.
As an example, say you want to check if your router is being overloaded with DNS
queries so you create a signature to detect DNS query traffic.
OK Click this button to save your changes to the ZyWALL and return to
the summary screen.
Cancel Click this button to return to the summary screen without saving any
changes.
Table 167 Configuration > Anti-X > IDP > Custom Signatures > Add/Edit (continued)
LABEL DESCRIPTION