Network Attacks - An Overview
Except on the first page, right running head:
Heading1 or Heading1NewPage text (automatic)
747
Alcatel-Lucent
Beta Beta
OmniAccess 5740 Unified Services Gateway CLI Configuration Guide
IP
-SOURCE-ROUTING
ip-source-routing
Source routing is a technique whereby the sender of a packet can specify the
route that a packet should take through the network. Attackers can use source
routing to probe the network by forcing packets into specific parts of the network.
Using source routing, an attacker can collect information about a networks
topology, or other information that could be useful in performing an attack. During
an attack, an attacker could use source routing to direct packets to bypass
existing security restrictions. This command is included in the default attack
protection list to secure the network from this attack.
IP-SPOOFING
ip-spoofing
To gain access, intruders create packets with spoofed source IP addresses. This
exploits applications that use authentication based on IP addresses and leads to
unauthorized user and possibly root access on the targeted system. Current
intruder activity in spoofing source IP addresses can lead to unauthorized remote
root access to systems behind a filtering-router firewall. After gaining root access
and taking over existing terminal and login connections, intruders can gain access
to remote hosts. This command is not included in the default attack list. Can be
explicitly included to secure the network from this attack.
UDP-SNORK-ATTACK
udp-snork-attack
This is an attempt to connect two services which, if enabled, will engage in an
indefinite communication with each other.
This will cause many frames to be unnecessarily transmitted, and dramatically
reduce the performance of the network and the systems involved. To avoid this
Denial of Service overload attempt, this command is placed in the default
prevention list.
To Next Page
Loading...
