Martian Addresses
The Martian Addresses page enables entering IP addresses that indicate an attack if they are seen on the network. Packets from these addresses are discarded. The device supports a set of reserved Martian addresses that are illegal from the point of view of the IP protocol. The supported reserved Martian addresses are:
Addresses defined to be illegal in the Martian Addresses page
Addresses that are illegal from the point of view of the protocol, such as loopback addresses, including addresses within the following ranges:
0.0.0.0/8 (Except 0.0.0.0/32 as a Source Address)-Addresses in this block refer to source hosts on this network.
127.0.0.0/8-Used as the Internet host loopback address
192.0.2.0/24-Used as the TEST-NET in documentation and example codes
224.0.0.0/4 (As a Source IP Address)-Used in IPv4 Multicast address assignments, and was formerly known as Class D Address Space.
240.0.0.0/4 (Except 255.255.255.255/32 as a Destination Address)-Reserved address range, and was formerly known as Class E Address Space.
You can also add new Martian Addresses for DoS prevention. Packets that have a Martian address are discarded.
To define Martian addresses, follow these steps:
Procedure
Step 1 | Click Security > Denial of Service Prevention > Martian Addresses. |
Step 2 | Select Reserved Martian Addresses and click Apply to include the reserved Martian Addresses in the System Level Prevention list. |
Step 3 | To add a Martian address click Add. |
Step 4 | Enter the parameters.
|
Step 5 | Click Apply. |