Network Attacks - An Overview
Except on the first page, right running head:
Heading1 or Heading1NewPage text (automatic)
743
Alcatel-Lucent
Beta Beta
OmniAccess 5740 Unified Services Gateway CLI Configuration Guide
TCP
-SYN-FLOOD
tcp-syn-flood [{threshold <1-4294967295> <1-4294967295>
|timeout <1-4294967295>}]
The server builds in its system memory a data structure describing all pending
connections. This data structure is of finite size, and it can be made to overflow by
intentionally creating too many partially-open connections. Systems providing
TCP-based services to the Internet community may be unable to provide services
while under this attack and for some time after this attack ceases. To protect the
system from this attack, this command is also included in the default attack
prevention list.
UDP-FLOOD
udp-flood [threshold <1-4294967295> <1-4294967295>]
A UDP Flood Attack is possible when an attacker sends a UDP packet to a
random port on the victim system. When the victim system receives a UDP
packet, it will determine what application is waiting on the destination port. When it
realizes that there is no application that is waiting on the port, it will generate an
ICMP packet of destination unreachable to the forged source address. If enough
UDP packets are delivered to ports on victim, the system will go down.
UDP-PORT-LOOPBACK
udp-port-loopback [threshold <1-4294967295> <1-4294967295>]
An UDP packet travels between two "echoing" ports. Such packets can bounce
infinite number of times, using up network bandwidth and CPU. An intruder can
cause problems by spoofing a packet from one machine and send it to another.
The malicious intruder could generate lots of these packets in order to totally
overwhelm the systems and network. This keyword is included with appropriate
parameters in the default list.
To Next Page
Loading...
