This protection checks for the validity of response messages to the potentially malicious LIST and UPDATE LIST commands. The detect mode makes it possible to track NNTP protocol violation without blocking the connection.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update.For information on how to update IPS, go to SBP-2006-05, click on Protection tab and select the version of your choice.
This protection's log will contain the following information:.
Attack Name: NNTP Enforcement Error.
Attack Information: An internal handling error has occurred. This may be caused by a corrupt packet or internal limits exceeded. .
Attack Name: NNTP Buffer Overflow.
Attack Information: NNTP XPAT Search command buffer overflow.