TABLE OF CONTENTS The following tables provide a summary of the defenses provided by Check Point s SmartDefense organized by protocol and OSI layer.
| Application Layer | |
| Attack Prevention Safeguards | Attacks Blocked |
| HTTP Client (browser and other client host components) | |
| Limit maximum response header length. | Code Red worm and mutations |
| Prohibit binary characters in HTTP response headers. | Nimda worm and mutations HTR Overflow worm and mutations |
| Validate HTTP response protocol compliance. | MDAC buffer overflow and mutations |
| Drop user-defined URLs. | Malicious URLs |
| URL filtering. | User-defined worms and mutations |
| Restrict download of user-defined files. | Cross-Site Scripting attacks |
| Restrict peer-to-peer connections. | |
| Restrict peer-to-peer connections for non-HTTP ports. | |
| Drop Java code. | |
| Strip script tags. | |
| Strip applet tags. | |
| Strip FTP links. | |
| Strip port strings. | |
| Strip ActiveX tags. | |
| HTTP Server | |
| Limit maximum URL length. | Encoding attacks |
| Limit maximum number of response headers allowed. | User-defined worms and mutations Code Red worm and mutations |
| Limit maximum request header length. | Nimda worm and mutations |
| Limit maximum response header length. | HTR Overflow worm and mutations |
| Specify header length, using regular expressions for header name and value. | Directory traversal attacks MDAC buffer overflow and mutations |
| Reject HTTP headers that contain specific header names or values. | Malicious URLs Chunked transfer encoding attacks |
| Prohibit binary characters in HTTP response headers. | Cross-Site Scripting attacks HTTP-based attacks... |
